Monday, January 14, 2013

Java 7 vulnerability fix has been issued by Oracle

Good news!

Oracle has issued a fix for the Java 7 vulnerability already: http://java.com/en/download/index.jsp

Security

Oracle released Java 7 Update 11 to address the latest security vulnerabilities revealed last week. According to Oracle, the release "addresses security issues CVE-2013-0422 (US-CERT Alert TA13-010A - Oracle Java 7 Security Manager Bypass Vulnerability) and another vulnerability affecting Java running in web browsers. These vulnerabilities are not applicable to Java running on servers, standalone Java desktop applications or embedded Java applications. They also do not affect Oracle server-based software."
See the release notes and security alert for details.