Today's Question:  What are you most afraid of as a programmer?        GIVE A SHOUT

Technical Article => Programming =>  Java

Oracle released an urgent Java patch

  sonic0002      2016-03-25 08:39:59      1,784    0    0

On March 23, Oracle just released an urgent Java patch which is out of its normal update schedule. The security vulnerability is related to the Java SE running in web browsers on desktops. The CVE ID for this issue is CVE-2016-0636.

With the unpatched Java, attackers can remotely exploit the target system without username and credentials. Successful exploits can impact the availability, integrity, and confidentiality of the user's system. When the user access pages containing malicious codes on an affected web browser, they are vulnerable to this attack.

The vulnerability only affects Java SE running in web browsers. This vulnerability is not applicable to Java deployments, typically in servers or standalone desktop applications, that load and run only trusted code. It also does not affect Oracle server-based software. 

Oracle Java SE 7 Update 97, and 8 Update 73 and 74 for Windows, Solaris, Linux, and Mac OS X are affected. 

This is an out of schedule patch which indicates that this vulnerability is quite critical. Now developers can download the patched version of Java at here. For general Windows users, the patched version is released here. All users are strongly recommended to upgrade their Java as soon as possible to mitigate away from this vulnerability.

JAVA SECURITY ORACLE NEWS

  SAVE AS PDF   MARK AS READ   MARK AS IMPORTANT

Share on Facebook  Share on Twitter  Share on Google+  Share on Weibo  Share on Reddit  Share on Digg  Share on Tumblr    Delicious

  RELATED


  0 COMMENT


No comment for this article.


  WRITE ARTICLE

How Android will ruin a day

By sonic0002