Oracle Patches Java 7 & Java 6 Following Apple Hack To Close “Remote Compromise”


Following today’s big story that a number of employee computers within Apple were compromised following a zero-day Java exploit, Oracle has just released update 15 for Java 7 and update 41 for Java 6.

While there’s no specific mention of what has been updated, there’s excellent reason to believe it fixes the vulnerability that compromised both Apple and Facebook.

SANS Technology Institute’s Johannes B. Ullrich notes that in this patch…

Oracle states that “The highest CVSS Base Score of vulnerabilities affecting Oracle Java SE is 10.0’ , which is the maximum possible score and indicates remote compromisse.

Remote compromises are exactly what happened to Apple. For more information on how to avoid being compromised by similar attacks in the future, see our guide.

If you’re using Java, you can update from either the Java panel in OS X (System Preferences > Java > Update) or on the Oracle Website.

  • Norbs

    Oracle should change the name of their Java product to Achilles.

  • Robert X

    Oracle should change the name of their Java product to Achilles.

    Adobe has that moniker. Oracle is close on its heels though.

About the author

John BrownleeJohn Brownlee is a Contributing Editor. He has also written for Wired, Playboy, Boing Boing, Popular Mechanics, VentureBeat, and Gizmodo. He lives in Boston with his wife and two parakeets. You can follow him here on Twitter.

(sorry, you need Javascript to see this e-mail address) | Read more posts by .

Posted in News | Tagged: , , , |