Oracle Patches Java 7 & Java 6 Following Apple Hack To Close “Remote Compromise”



Following today’s big story that a number of employee computers within Apple were compromised following a zero-day Java exploit, Oracle has just released update 15 for Java 7 and update 41 for Java 6.

While there’s no specific mention of what has been updated, there’s excellent reason to believe it fixes the vulnerability that compromised both Apple and Facebook.

SANS Technology Institute’s Johannes B. Ullrich notes that in this patch…

Oracle states that “The highest CVSS Base Score of vulnerabilities affecting Oracle Java SE is 10.0” , which is the maximum possible score and indicates remote compromisse.

Remote compromises are exactly what happened to Apple. For more information on how to avoid being compromised by similar attacks in the future, see our guide.

If you’re using Java, you can update from either the Java panel in OS X (System Preferences > Java > Update) or on the Oracle Website.
Via: MacMagazine


Daily round-ups or a weekly refresher, straight from Cult of Mac to your inbox.

  • The Weekender

    The week's best Apple news, reviews and how-tos from Cult of Mac, every Saturday morning. Our readers say: "Thank you guys for always posting cool stuff" -- Vaughn Nevins. "Very informative" -- Kenly Xavier.