It looks like you're using an Ad Blocker.
Please white-list or disable AboveTopSecret.com in your ad-blocking tool.
Some features of ATS will be disabled while you continue to use an ad-blocker.
LOS ANGELES (AP) — Oracle Corp. said Monday it has released a fix for the flaw in its Java software that raised an alarm from the U.S. Department of Homeland Security last week. Even after the patch was issued, the federal agency continued to recommend that users disable Java in their Web browsers.
Java 7 was released in 2011. Oracle said installing its "Update 11" will fix the problem.
The sale of the packs means malware exploiting the security gap is "going to be spread across the Internet very quickly," said Liam O'Murchu, a researcher with Symantec Corp. "If you have the opportunity to turn it off, you should."
Making users aware when Java programs are about to be installed gives users a 50/50 chance of avoiding malware, said Kurt Baumgartner, a senior security researcher with Kaspersky Lab.
Many programmers are avoiding Java altogether, and its use in Web browsers is on the decline, he said.
Kaspersky Lab estimated that last year 50 percent of all website exploitations were due to vulnerabilities in Java. Adobe's Acrobat Reader accounted for another 28 percent of vulnerabilities.
Feeling secure — and just a little smug — that you’ve updated your Java installation to plug up that nasty vulnerability discovered last week? Well, I’ve got some bad news for you. A Polish security researcher has discovered yet another vulnerability in Java 7.
Personally you have to question the wisdom of the DHS for only getting on board now, how long have they beeen leaving themselves open to compromise?
Seems like a lot of attention is being placed on this to be something that is/was seemingly already a known issue (according to your sources) with Java.