Oracle Releases Emergency Fix for Java Software Flaw, but Security Threats Remain
Oracle promised a fix for the security vulnerability in its Java software on Saturday and keeping its word, the enterprise software giant released Java 7, Update 11 to address the massive security flaw on Sunday. However, experts opined that the emergency fix fails to provide 100 percent protection from hackers.
The updated version can be downloaded from the Oracle website and the company recommends all Java 7 users update immediately to the new version to prevent potential security breaches. Oracle, in its release note, said the update includes fixes for security vulnerabilities and the Oracle Security Alert for CVE-2013-0422 explained in detail the issues the new update would fix.
Oracle upped the default Java Security Level for the software from "Medium to High". Resultantly, users will be prompted before any unsigned Java applet or Java Web Start application is run. "This affects the conditions under which unsigned (sandboxed) Java web applications can run. Previously, as long as you had the latest secure Java release installed applets and web start applications would continue to run as always. With the "High" setting the user is always warned before any unsigned application is run to prevent silent exploitation," Oracle explained.
The critical security hole was first noticed by a European security researcher who blogs under the name Kafeine. The security flow that could permit an unauthenticated attacker to execute arbitrary code on targeted PCs was then widely reported. A zero-day Trojan horse called Mal/JavaJar-B was discovered to be exploiting a vulnerability in Oracle's Java 7 and it was found that it could even affect the latest version of the runtime (7u10).
Underlying the potential threat, the U.S. Department of Homeland Security's Computer Emergency Readiness Team (CERT) urged users to disable Java in their Web browsers. However, the threat remains far from over. The CERT warned that "unless it is absolutely necessary to run Java in web browsers, disable it, even after updating to 7u11".
MORE IN ITECHPOST
How to Keep Your Remote Team Engaged
Keeping remote employees engaged is especially important given the current state of the world, as COVID-19 continues to spread across the country and impact the economy. Many businesses have quickly adopted the "work from home" model that has been gaining traction for quite some time.
Wellness Technology is a Billion Dollar Industry. Here Comes the Next Wave: Death Positive & Grief Wellness
The World Health Organization estimates that 25% of all people will be affected by mental or neurological disorders at some point in their lives, with roughly 450 million individuals currently struggling with a condition.
Find the build that’s right for you in the Metamorph League and experiment with other playstyles.
Defeat bosses in the Metamorph League and get tons of PoE currency like PoE orbs by knowing what the right build for you is in our Metamorph build guide!
Design Trends you Should Know
For everything from product labels to websites, the right design has a huge impact on people. Keeping up with the latest design styles is important because it lets organizations present a trendier and more modern vibe to their audience. Here are some of the biggest trends you can expect to see in the upcoming years.