Oracle Issues Emergency Patches for Zero-Day Java Exploits
Oracle Issues Emergency Patches for Zero-Day Java Exploits
Oracle has just released emergency software patches to address critical vulnerabilities of Java, running in web browsers on desktops. According to Computerworld, the impetus behind the company's quick actions is the increasing scale of hackers' operations to exploit these vulnerabilities.
The security advisory from Oracle states that only Java running in web browsers on desktops are vulnerable if the software framework has not been patch on these machines. Users on these machines who visit affected websites may be highly likely to have their machines comprised by the malicious actions of hackers. However, these vulnerabilities are not present in standalone Java desktop applications or Java running on servers, i.e., these vulnerabilities do not affect any Oracle server-based applications.
The company advises people to update the Java software framework on their desktop computers immediately. According to Computerworld who spoke to Mr. Adam Gowdiak, the founder and CEO of Polish security firm Security Explorations, the emergency patches are effective in plugging the security loopholes of the affected software framework. He was credited with discovering these vulnerabilities in April this year. To update your Java software, you can visit this link at Oracle. Windows users can take advantage of the Java Automatic Update to get the latest release.
(Source: Oracle via Computerworld, FireEye)