Following today’s big story that a number of employee computers within Apple were compromised following a zero-day Java exploit, Oracle has just released update 15 for Java 7 and update 41 for Java 6.
While there’s no specific mention of what has been updated, there’s excellent reason to believe it fixes the vulnerability that compromised both Apple and Facebook.
SANS Technology Institute’s Johannes B. Ullrich notes that in this patch…
Oracle states that “The highest CVSS Base Score of vulnerabilities affecting Oracle Java SE is 10.0’ , which is the maximum possible score and indicates remote compromisse.
If you’re using Java, you can update from either the Java panel in OS X (System Preferences > Java > Update) or on the Oracle Website.
- Via MacMagazine