ID: IRCNE2012021408
Date: 2012-02-16
According to “ZDNet”, a new version of the Java SE has been released to patch 14 documented security vulnerabilities, some serious enough to let hackers remotely install malware on vulnerable machines.
“All of these vulnerabilities may be remotely exploitable without authentication, i.e., may be exploited over a network without the need for a username and password,” Oracle warned in an advisory.
“Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply CPU fixes as soon as possible.”
Security vendors are reporting an “unprecedented wave” of Java malware exploits. Exploits for known Java vulnerabilities have been fitted into the most widely distributed exploit kits, allowing Java to surpass Adobe Flash Player and Adobe Reader as the most commonly exploited Windows third-party desktop software.
- 2