Thursday, April 17, 2014
Search
  
Friday, January 11, 2013
 Java Said To Put Computers in High Risk
You are sending an email that contains the article
and a private message for your recipient(s).
Your Name:
Your e-mail: * Required!
Recipient (e-mail): *
Subject: *
Introductory Message:
HTML/Text
(Photo: Yes/No)
(At the moment, only Text is allowed...)
 
Message Text: The US Department of Homeland Security warned Thursday that a flaw in Java software could allow an attacker to execute commands on a PC system.

System using Oracle Java 7 (1.7, 1.7.0) including Java Platform Standard Edition 7 (Java SE 7), Java SE Development Kit (JDK 7), Java SE Runtime Environment (JRE 7) as well as web browsers using the Java 7 plug-in are at high risk, the department said.

The vulnerability in the Java Security Manager allows a Java applet to grant itself permission to execute arbitrary code. An attacker could use social engineering techniques to entice a user to visit a link to a website hosting a malicious Java applet. An attacker could also compromise a legitimate web site and upload a malicious Java applet (a "drive-by download" attack).

"This vulnerability is being attacked in the wild, and is reported to be incorporated into exploit kits," the department's Computer Emergency Readiness Team said in a notice on its website.

"We are currently unaware of a practical solution to this problem."

The recommended solution was to disable Java, which typically runs as a plug-in program in web browsers.

"A fix will be available shortly," Oracle said in a statement released late on Friday.

Oracle added that the recently discovered flaw only affects Java 7, the program's most-recent version, and Java software designed to run on browsers.
 
Home | News | All News | Reviews | Articles | Guides | Download | Expert Area | Forum | Site Info
Site best viewed at 1024x768+ - CDRINFO.COM 1998-2014 - All rights reserved -
Privacy policy - Contact Us .