Oracle Updates Java (Java 7 Update 15, Java 6 update 41)
(I originally wrote "update 14", but turns out this is update 15)
Oracle released update 15 for Java 7 and update 41 for Java 6 today. I haven't seen any specific security content yet, but Oracle states that "The highest CVSS Base Score of vulnerabilities affecting Oracle Java SE is 10.0" , which is the maximum possible score and indicates remote compromisse.
Apple users: If you think you are safe, check today's news about how Apple itself got compromissed via a Java vulnerability (maybe this is why Apple was so quick in disabling the Java plugin via X-Protect).
http://www.oracle.com/technetwork/topics/security/javacpufeb2013update-1905892.html
once you are done patching (if you still have Java installed), head to browsercheck.qualys.com to make sure all the other plugins are up to date)
------
Johannes B. Ullrich, Ph.D.
SANS Technology Institute
Twitter
------
Johannes B. Ullrich, Ph.D.
SANS Technology Institute
Twitter
Application Security: Securing Web Apps, APIs, and Microservices | Online | US Eastern | Jan 27th - Feb 1st 2025 |
Comments