Java Latest Update with 2 New Bugs
By Vittorio Hernandez | January 29, 2013 10:33 AM EST
The Java 7 Update 10 on December 2012 was exposed to vulnerabilities against hackers and cyber criminals. The new update on Jan 13, 2013 has two new flaws which also makes it susceptible to digital attacks.
The two new bugs in the latest Java version can also be combined to bypass the security measures in the Oracle-based platform. Applets are small applications inside every browser and the most commonly known of its kind are plugins. Most plugins are required to run programs inside the browser to enhance viewing, graphic acceleration.
But cyber attacks can be in a form of applet which attaches itself to the browser of unsuspecting computer users. Once it is inside, it can hack information, manipulate the computer system, and do all things to control the entire device.
According to the blog of Esteban Guillardoy, a security researcher with Immunity, he noted that the update successfully patched made a reflection vulnerability, "The patch did stop the exploit, fixing one of its components, but an attacker with enough knowledge of the Java code base and the help of another zero day bug to replace the one fixed can easily continue compromising users."
Adam Gowdiak, CEO of Security Explorations commented, "Recently made security improvements to Java 7 don't prevent silent exploits at all."
The new update does not entirely protect the user with exploits and from running applets without any warning. It seems like hackers have stepped up to a new level against Java security and the browser's plug-in.
Mr Gowdiak suggested that people should have a "click-to-play" feature which allows them to authorise a plug-in's execution to notify about certain possibility of exploitation of their browser to the Internet.
Such feature may help prevent automatically exploitation from both known or not-yet addressed Java plug-in vulnerabilities.
To contact the editor, e-mail:
Most Popular Slideshows
- Flight MH17 Attack: Russians Claim 'Putin A Terrorist,' Memorial at Dutch Embassy Overflows [PHOTOS]
- Typhoon Rammasun Claims 18 Lives in China, Incurs $4.32B Losses (PHOTOS)
- Ellen DeGeneres Caught Cheating with Mutual Friend Before Portia de Rossi’s Rehab – Reports [PHOTOS]
- Malaysia Airlines MH17: Vital Black Boxes Finally Land in Hands of Malaysian Authorities, Rebels Announce Ceasefire (PHOTOS/VIDEOS)
Join the Conversation
- California Fruits Recalled in USA and Canada for Possible Listeria Contamination
- Malaysian Airlines Flight 17: Air Carrier Losing $1.6 Million/Day; Crisis Management Experts Suggest Hiring Risk Expert as CEO
- The IBM and Apple Merger: Will it Spell Trouble to Rival Companies
- CBA, NAB, Westpac in Fixed Rate War Offering Below 5% Interest
- Radio Australia Cuts to Affect Isolated Vanuatu Residents Who Rely on It for Weather Bulletins
- Samsung Galaxy Note 4 Apps Leak Online, Five Fresh Features to Expect from the Android Smartphone
- Moto 360 Price Speculations, Key Features, Strategic Release Date, Design: A Watch That is More Than Just Time
- Windows Phone 8.1 Update Rollout: 20 Nokia Lumia Phones Eligible and 13 New Features to be Added
- Three New Moto G Successors Spotted in FCC Document Dubbed Moto G2, Moto M and More --Reports
- iPad Air 2 Release Date Will Skip IGZO Panel; To Rollout with Super-Slim iPad Mini Air
- Upcoming iPad Mini 3 Could be 30% Thinner and Likely be Called iPad Mini Air; Apple Q3 Results Show 9% Decrease in iPad Sales
- Sony Xperia M2 vs. Moto G – Specifications, Features and Price Showdown