Coming to the rescue of netizens
worldwide, the company takes three days to patch a serious security
vulnerability in its Java software
Early last
week, security watchdogs raised a big hue and cry over the presence of a
zero-day vulnerability in Java, developed by Oracle Corporation, a
piece of software that is synonymous with the Web and Web browsers.
We, too, reported about Java’s serious security flaw on Friday.
No cause for concern anymore, however,
as reports confirm that the Java vulnerability, which would potentially
allow hackers to cause mayhem on infected machines, has been
successfully patched by Oracle within three days.
Released by Oracle, Java 7 Update 11 is
the instant critical security update required to fix the zero-day
exploit present in Java 7 Update 10 and previous versions of the Java
software. According to Oracle, this latest update modifies the way in
which Web apps interact with Java on a local computer.
Oracle also states that “the default
security level for Java applets and web start applications has been
increased from Medium to High.” It further states:
“This affects the conditions under
which unsigned (sandboxed) Java web applications can run. Previously, as
long as you had the latest secure Java release installed applets and
web start applications would continue to run as always. With the "High"
setting the user is always warned before any unsigned application is run
to prevent silent exploitation.”
While it’s good to see Oracle act this
quickly and release a security fix for the Java vulnerability in record
time, remember that you don’t have to run Java if you don’t absolutely
need it. Also, in the wake of this zero-day vulnerability, it is
absolutely critical to update your Java installation to its latest
version to prevent hackers from exploiting the bug.
You can download the latest Java 7 Update 11 here or through any active program or browser that uses Java.
0 comments:
Post a Comment