• Oracle Patches Security Vulnerability Found in Java SE 7

    Earlier this week, we reported about a recently discovered vulnerability in Java SE 7 that could pose a risk for users on a wide variety of platforms including Apple’s OS X. While the real threat to Mac users stemming from the vulnerability is very low because the Mac-specific exploit for the vulnerability was only seen by a small fraction of Mac users who manually installed Java SE 7. The incident served as another reminder the Mac users can be vulnerable malicious attacks.

    The issue was reportedly warned of the issue months ago and apparently didn’t take significant action to protect users until it became public, the company ended up moving quickly to address the problem with today’s announcement regarding the release of Java SE 7 Update 7. The update addresses the specific vulnerability disclosed earlier this week as well as several others and the company has also released Java SE 6 update 35 to address a separate issue with the earlier version. Oracle said the following in an announcement:

    If successfully exploited, these vulnerabilities can provide a malicious attacker the ability to plant discretionary binaries onto the compromised system, e.g. the vulnerabilities can be exploited to install malware, including Trojans, onto the targeted system. Note that this malware may in some instances be detected by current antivirus signatures upon its installation.
    For those of you who are interested, the updated versions of Java are available through Oracle’s Java download page.

    Source: Oracle (blog)
    This article was originally published in forum thread: Oracle Patches Security Vulnerability Found in Java SE 7 started by Akshay Masand View original post
    Comments 1 Comment
    1. mr117's Avatar
      mr117 -
      Again, before everyone panics, only a very small (minuscule) percentage of Mac users have 7. Everybody else still has an earlier iteration. You can check by going into Applications>Utilities>Java Preferences and seeing which version is on your machine. (I just updated to Mountain Lion last week, and I still have the earlier Java.) If in doubt, DON'T update Java (unless you KNOW you manually updated to 7 earlier).
  • Connect With Us

  • Twitter Box

  • Facebook