- Joined
- Jul 28, 2007
- Messages
- 3,326
- Reaction score
- 3,052
Oracle has released an out-of-band patch to address serious vulnerabilities in the Java platform.
The company said that the Java SE security update for February would include fixes for some 50 vulnerabilities, including critical flaws which are being actively targeted in the wild. The company said that all but one of the patched vulnerabilities could be remotely exploited without user permission or interaction.
The company is advising all users and administrators to download and install the updates as soon as possible due to the threat of online attacks targeting the flaw for malware attacks.
The update comes just weeks after Oracle was forced to push out another out-of-band update for Java in order to plug up security holes which were actively being exploited by attackers.
The release also comes as Oracle finds itself under fire from both security experts and fellow software vendors alike. Earlier this week Apple said that it would not be supporting the current versions of the Java browser plug-in on OS X, opting instead to set the next version of Java as the minimum allowed installation.
Earlier this month, security experts with the Sans Institute called on Oracle to overhaul its product development practices in order to build better security protections into Java and limit the impact of security vulnerabilities.
Other experts have advised users and administrators to disable Java entirely on their systems unless the component is absolutely necessary.
Source: IT news, reviews and analysis for UK IT professionals - V3.co.uk
The company said that the Java SE security update for February would include fixes for some 50 vulnerabilities, including critical flaws which are being actively targeted in the wild. The company said that all but one of the patched vulnerabilities could be remotely exploited without user permission or interaction.
The company is advising all users and administrators to download and install the updates as soon as possible due to the threat of online attacks targeting the flaw for malware attacks.
The update comes just weeks after Oracle was forced to push out another out-of-band update for Java in order to plug up security holes which were actively being exploited by attackers.
The release also comes as Oracle finds itself under fire from both security experts and fellow software vendors alike. Earlier this week Apple said that it would not be supporting the current versions of the Java browser plug-in on OS X, opting instead to set the next version of Java as the minimum allowed installation.
Earlier this month, security experts with the Sans Institute called on Oracle to overhaul its product development practices in order to build better security protections into Java and limit the impact of security vulnerabilities.
Other experts have advised users and administrators to disable Java entirely on their systems unless the component is absolutely necessary.
Source: IT news, reviews and analysis for UK IT professionals - V3.co.uk
