Jump to content

Java update plugs 20 critical security holes


nsane.forums

Recommended Posts

The patch, which provides a fix for the SSL Beast attack, comes at a time when anti-malware vendors are reporting an “unprecedented wave” of exploits against vulnerabilities in Java.

Oracle has shipped a critical Java update to fix at least 20 security vulnerabilities, some serious enough to cause remote code execution attacks.

“Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply CPU fixes as soon as possible,” the company warned in an advisory.

According to Oracle, 19 of the 20 vulnerabilities may be remotely exploitable without authentication, i.e., may be exploited over a network without the need for a username and password.

The patch, which provides a fix for the SSL Beast attack, comes at a time when anti-malware vendors are reporting an “unprecedented wave” of exploits against vulnerabilities in Java.

The chart below from Microsoft says it all:

Zo6uR.gif

view.gif View: Original Article

Link to comment
Share on other sites


  • Views 920
  • Created
  • Last Reply

Archived

This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...