Threat Level: green Handler on Duty: Pedro Bueno

SANS ISC InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Oracle Updates Java (Java 7 Update 15, Java 6 update 41)

Published: 2013-02-19
Last Updated: 2013-02-19 20:14:08 UTC
by Johannes Ullrich (Version: 1)
0 comment(s)

(I originally wrote "update 14", but turns out this is update 15)

Oracle released update 15 for Java 7 and update 41 for Java 6 today. I haven't seen any specific security content yet, but Oracle states that "The highest CVSS Base Score of vulnerabilities affecting Oracle Java SE is 10.0" , which is the maximum possible score and indicates remote compromisse.

Apple users: If you think you are safe, check today's news about how Apple itself got compromissed via a Java vulnerability (maybe this is why Apple was so quick in disabling the Java plugin via X-Protect).

http://www.oracle.com/technetwork/topics/security/javacpufeb2013update-1905892.html

once you are done patching (if you still have Java installed), head to browsercheck.qualys.com to make sure all the other plugins are up to date)

 

------
Johannes B. Ullrich, Ph.D.
SANS Technology Institute
Twitter

------
Johannes B. Ullrich, Ph.D.
SANS Technology Institute
Twitter

Keywords: apple java oracle
0 comment(s)
Diary Archives