Oracle advises uses to patch up immediately (credit: iStock-fatihhoca)Related storiesResearchers claim Java still has 'vulnerabilities'U.S. government advises users to disable JavaGoogle vs Oracle: Verdict coming in Android 'copying' caseOracle keeps on releasing patches to bung up the veritable leaky bucket that is Java, with the latest fix addressing some 40 security holes.
Of those, 34 major security fixes bundled in the newly released Java 7 Update 25 (Java 7u25) affect client deployments of Java. 11 of those received the maximum score on Oracle's Common Vulnerability Scoring System (CVSS). Four vulnerabilities affect both client and server deployments, the most severe receiving a CVSS score of 7.5.
While some of the updates only patch particular versions of Java, most affect versions 7, 6 and 5. JavaFX 2.2.21 and earlier versions of JavaFX are also affected.
The patch has been released to fix some particularly gaping security holes, with all but three of them exploitable over the network without authentication. This means attackers can take control of users' computers that visit web pages with malicous embedded Java Web applications hosted on remote servers.
Severe vulnerabilitiesIn a company blogpost, Eric Maurice, Oracle's Director of Software Assurance, said: "Oracle recommends that this Critical Patch Update be applied as soon as possible because it includes fixes for a number of severe vulnerabilities.
"Note that the vulnerabilities fixed in this Critical Patch Update affect various components and, as a result, may not affect the security posture of all Java users in the same way."
Back in October, Oracle announced that it would be releasing Java updates on a quarterly basis. A number of companies have fallen foul to Java exploits this year, including Microsoft, Apple and Facebook.
Join TechRadar and get our weekly newsletterGet the week's hottest news stories, our most popular reviews, and fantastic competitions straight to your inbox with our free weekly newsletter.
Tell me moreLearn more Get free weekly updates and offers Sign up to receive TechRadar Pro's free weekly round-up, with competitions, special offers, the biggest stories and the hottest reviews. Sign upTagsOracleJavaSee more applications newsCommentsTweet Add your commentType your comment here.You need to log in or join to add comments.Hello, you are logged in as Not you, eh? Log out, log in as another user or joinBy submitting this form you agree to our Terms of Use and so are legally responsible for anything you submit. DO NOT submit anything which may violate the Terms of Use or another person
View the Original article
Written by Unknown
We are Creative Blogger Theme Wavers which provides user friendly, effective and easy to use themes. Each support has free and providing HD support screen casting.
0 comments:
Post a Comment