Monday, December 22, 2014
Search
  
Submit your own News for
inclusion in our Site.
Click here...
Breaking News
North Korean Internet Otage Fuels Speculation
Semiconductor Market Set for Strongest Growth in Four Years in 2014
New Asus Dual-camera Zenfone Coming At CES
Samsung Introduces SE790C Curved Monitor
Chinese Motion-sensing VR Glasses Coming On Kickstarter
Kodak Returns To CES With Consumer Product Line
North Korea Suggests Joint Inverstigation With U.S. Over Sony Hacking
T-Mobile to Pay $90 Million To Settle Case With FCC
Active Discussions
Digital Audio Extraction and Plextools
Will there be any trade in scheme for the coming PSP Go?
Hello, Glad to be Aboard!!!
Best optical drive for ripping CD's? My LG 4163B is mediocre.
Hi All!
cdrw trouble
CDR for car Sat Nav
DVD/DL for Optiarc 7191S at 8X
 Home > News > General Computing > Oracle ...
Last 7 Days News : SU MO TU WE TH FR SA All News

Monday, January 14, 2013
Oracle Patches Java Bugs


Oracle released an emergency update to its Java software for surfing the Web on Sunday but questions remain on whether the updated software is safe.

The Security Alert CVE-2012-042 released by Oracle on Sunday addresses two vulnerabilities affecting Java in web browsers, according to Oracle.

These vulnerabilities do not affect Java on servers, Java desktop applications, or embedded Java.

They are both remotely exploitable without authentication. Oracle recommends that this Security Alert be applied as soon as possible because these issues may be exploited "in the wild" and some exploits are available in various hacking tools.

The exploit conditions for these vulnerabilities are the same. To be successfully exploited, an attacker needs to trick an unsuspecting user into browsing a malicious website. The execution of the malicious applet within the browser of the unsuspecting users then allows the attacker to execute arbitrary code in the vulnerable system. These vulnerabilities are applicable only to Java in web browsers because they are exploitable through malicious browser applets.

With this Security Alert, Oracle is also switching Java security settings to "high" by default. The high security setting requires users to expressly authorize the execution of applets which are either unsigned or are self-signed. As a result, unsuspecting users visiting malicious web sites will be notified before an applet is run and will gain the ability to deny the execution of the potentially malicious applet.

Oracle released the update just days after the U.S. Department of Homeland Security urged PC users to disable the program because of bugs in the software that were being exploited to commit identity theft and other crimes.

Adam Gowdiak, a researcher with Poland's Security Explorations who has discovered several bugs in the software over the past year, said that the update from Oracle leaves unfixed several critical security flaws.

"We don't dare to tell users that it's safe to enable Java again," said Gowdiak.

Responding to Oracle's updated software, the U.S. Department of Homeland Security reiterated advice for computer users to disable Java software for surfing the Web.

"Unless it is absolutely necessary to run Java in web browsers, disable it," the Department of Homeland Security's Computer Emergency Readiness Team said on Monday in a posting on its website.


Previous
Next
Paper Says Apple Cut LCD panel Orders For iPhone 5        All News        ASUS Launches the MeMO Pad
Microsoft Dynamics for Retail Released     General Computing News      Unwired Planet Buys More Than 2,000 Patents From Ericsson

Get RSS feed Easy Print E-Mail this Message

Related News
Oracle, SAP Settle Lawsuit
Oracle's Ellison Steps Down
Oracle To Buy Micros Systems
Oracle Accelerates Its Databases
Oracle Wins Appeal In Legal Battle With Google
Microsoft Retains No. 1 Spot; Oracle Moves Into No. 2 In Global Software Market
Oracle Buys Responsys For $1.5 billion
GPU Acceleration Coming to Java
IBM, Oracle, EMC To Face China Probe Over Security Concerns: report
ARM and Oracle to Optimize Java SE for Enterprise and Embedded Markets
Microsoft and Oracle Team Up On Cloud Computing
Oracle Unveils Faster Servers

Most Popular News
 
Home | News | All News | Reviews | Articles | Guides | Download | Expert Area | Forum | Site Info
Site best viewed at 1024x768+ - CDRINFO.COM 1998-2014 - All rights reserved -
Privacy policy - Contact Us .