It's been a little while since the zero-day exploit, but I decided to look up some articles about it now that Oracle has released an update. There were two vulnerabilities that created the opportunity for the exploitation, and Oracle released an update fixing only one of them. If attackers can find another vulnerability then we are right back where we started. There is always the opportunity for more threats, so while it should be safe for users to have an updated Java (Java 7 Update 11), I have continued to leave my Java browser plug-ins disabled on my computer. I'd prefer to be a safe than sorry.
http://www.pcworld.com/article/2025797/oracles-java-patch-contains-new-holes-researchers-warn.html
No comments:
Post a Comment