There's yet another critical bug in Java

Posted on Thursday, March 24 2016 @ 13:36 CET by Thomas De Maesschalck
Java logo
Oracle issued an alert about a new high severity bug in its Java plug-in. This critical security flaw can allow remote code execution without authentication, it's a cross-platform bug that affects Java SE 7 and 8 across Windows, Solaris, OS X and Linux. Everyone running Java needs to upgrade asap to the latest version.
Warning that technical details regarding exploitation of the vulnerability have already been released, Oracle has issued a critical security alert to all Java users. 'Due to the severity of this vulnerability and the public disclosure of technical details,' the company warned, 'Oracle strongly recommends that customers apply the updates provided by this Security Alert as soon as possible.'

While the attack is cross-platform, there is one small mitigation: deployments of Java on embedded devices and server environments are typically configured to run only trusted code, meaning that they are not at risk of running remotely-supplied and unauthenticated code even if the vulnerability is successfully exploited.
Source: Bit Tech

About the Author

Thomas De Maesschalck

Thomas has been messing with computer since early childhood and firmly believes the Internet is the best thing since sliced bread. Enjoys playing with new tech, is fascinated by science, and passionate about financial markets. When not behind a computer, he can be found with running shoes on or lifting heavy weights in the weight room.

Loading Comments