Corey Posted September 5, 2012 Posted September 5, 2012 After an exploit in the latest Java 7 framework was discovered, Oracle (ORCL) responded with an emergency patch to fix the problem. The company’s quickness, however, may have opened the door to more vulnerabilities in the Java software. While the patch fixed the original exploit, it introduced a new vulnerability that allows an attacker to bypass the Java Virtual Machine sandbox. Researchers at Security Explorations discovered the exploit and have sent a proof of concept to Oracle, and they are currently waiting to hear back. The research firm has not released the code to the public, although it plans to write a technical paper on the issue once it has been patched. The latest exploit follows a string of vulnerabilities found in Java over the past year. [Via ZDNet] Read View the full article Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.