Oops, They Did it Again! New Vulnerability Discovered in Just-Patched Java


Did you update your Java Plug-in to Update 7 after the critical vulnerability discovered last week? You’d better wait!

Adam Gowdiak, CEO of Security Explorations, the Polish startup that discovered the Java SE 7 vulnerabilities (immediately exploited by cyber criminals), has discovered a new flaw that affects the patched version of Java released this Thursday. That patch was released outside Oracle's regular update cycle, which foresees three updates per year: an uncommon event for the company, and one that demonstrates the seriousness of the security hole.

Unfortunately, history is repeating itself: Adam Gowdiak has told The Register that the just-released Java SE 7 Update 7 contains a flaw that could allow an attacker to bypass the Java security sandbox completely, making it possible to install malware or execute malicious code on affected systems.

Worse still, history is repeating itself in full: as with the previous vulnerability, the bug was reported to Oracle in April 2012 (and unfortunately is not yet patched).

At this point there is no other choice than to disable Java in your favourite browser.

If you want to know if your browser is vulnerable, you can click the following link: http://www.isjavaexploitable.com/.

If you want to know how to disable Java in your environment, you can find detailed instructions at these links by Brian Krebs or Naked Security.

Disable Java or Die!

  1. September 1, 2012 at 11:37 pm

    “Disable Java or Die!” Well FUCK YOU I hope Microsoft and Google are paying you well for this propaganda.

    Your kind are nothing but whores. I'm sure if ORCL put you on a contract these kinds of posts would be nonexistent or much more lenient.

    • September 1, 2012 at 11:57 pm

      Thanks for your kind words. For the chronicle, no one is paying me for blogging. I only think that a vulnerability, sorry two vulnerabilities, unpatched since April 2012 are quite curious. Don’t you think so?

  2. Bob Loblaw
    September 4, 2012 at 4:35 pm

    wow, Max. wake up with some sand in your vagina?
