ENTERPRISE VENDOR Oracle has released a patch for the zero day Java exploit that we reported on last week.
Then the insecurity firms were advising people to load their virtual shotguns and get in their security basements to avoid terrible assaults. Millions of computer users, regardless of what operating systems they use, would be affected and it would happen when they were using the internet.
Not disabling Java at that time, we gather, was the equivalent of kissing a black rat, in London, during the plague. Fret no more though, as Oracle has issued the patch we have all been waiting for and his fixed Java.
Java 7 Update 11, which is available now, is the sticking plaster that patches the vulnerability. In short, it means that the "user is always warned before any unsigned application is run to prevent silent exploitation". It is recommended that you apply it.
"It's nice that Oracle fixed this vulnerability so quickly," said security expert Brian Krebs, "but I'll continue to advise readers to junk this program altogether unless they have a specific need for it."
Krebs said that Oracle has already tried to fix the same flaw, but failed, adding that malware writers are "constantly finding new zero-day vulnerabilities in Java".
He added that it would not surprise him if the same zero day situation were to "repeat itself in a month or so". µ
Plus, it's goodbye to Device Assist
Vulnerabilities in the iOS sandbox thankfully found by the good guys
Data watchdog will make sure firm is being fully transparent about the controversial move
Chinese firm reportedly forces staff to do 82 hours of overtime a month