Severe Java Vulnerability. *Important*

[NexusZenShot]

The latest version of Java has been subjected to a severe exploit affecting it and previous versions. The exploit is able to bypass most PC security programs so it is recommended to un-install or disable any Java related programs or plug-ins on your computer. There is an update expected this Tuesday.

 

Details and sources:

 

http://arstechnica.com/security/2013/01/critical-java-zero-day-bug-is-being-massively-exploited-in-the-wild/

 

http://www.pcworld.com/article/2025171/oracle-says-java-update-coming-tuesday.html

 

http://www.forbes.com/sites/toddganos/2013/01/12/why-the-java-bug-is-a-big-deal/

[RitualBlack]

Thanks for sharing. I will keep java disabled until the update arrives :sweat: .

[NexusZenShot]

Java has now been updated to Version 7 Update 11.

 

Oracle scurity alert and patch notes: http://www.oracle.com/technetwork/topics/security/alert-cve-2013-0422-1896849.html#PatchTable

 

Java Update: http://java.com/en/download/index.jsp

 

Once installed Java will have it's default security setting set to "high" instead of "medium" as in previous versions. This will probably mean that you will get a frequent "permission" pop-up message when browsing websites that use Java. Also, if you previously disabled Java in any browsers, you will have to re-enable it after the update.

Edited January 13, 2013 by Pow_R_Toc_H

[NexusZenShot]

UPDATE: Experts claim the latest Java version "still contains security flaws"

 

Sources:

 

http://www.bbc.co.uk/news/technology-21011669

 

http://www.pcworld.com/article/2025178/oracle-releases-java-fix-but-security-concerns-remain.html