Oracle Java Patch Has Security Flaw, Researchers Say

Tuesday Sep 4th 2012 by Staff

Update fixes one vulnerability but creates another.

eWeek: Polish firm Security Explorations says that Oracle's recently released emergency Java patch has a security vulnerability of its own. They say the update could allow attackers to bypass the JVM sandbox. "I cannot share more details about the nature of the new bug. [But] when combined with some of the Apr 2012 issues, this new issue can facilitate a successful code execution attack on latest Java SE 7 Update 7," said Security Explorations CEO Adam Gowdiak.

Oracle is investigating the issue.

Mobile Site | Full Site
Copyright 2017 © QuinStreet Inc. All Rights Reserved