Java Zero-Day Exploit on Sale for ‘Five Digits’

Miscreants in the cyber underground are selling an exploit for a previously undocumented security hole in Oracle’s Java software that attackers can use to remotely seize control over systems running the program, KrebsOnSecurity has learned. The flaw, currently being sold by an established member of an invite-only Underweb forum, targets an unpatched vulnerability in Java … Читать далее

Critical Java Patch Plugs 30 Security Holes

Oracle on Tuesday pushed out a bevy of security patches for its products, including an update to Java that remedies at least 30 vulnerabilities in the widely-used program. The latest versions, Java 7 Update 9 and Java 6 Update 37, are available either through the updater built into Java (accessible from the Windows control panel), … Читать далее