Oracle patches critical Java bugs used to commandeer computers (ars technica)
[Security] Posted Aug 30, 2012 21:09 UTC (Thu) by ris
Ars technica reports
that Oracle has issued an update for critical vulnerabilities in Java.
"The vulnerabilities addressed in the update include those designated
as CVE-2012-4681. Among those Oracle credited was Adam Gowdiak of
Poland-based Security Explorations, who said he alerted Oracle engineers to
the vulnerabilities in April. A brief analysis of the patch by the Immunity
security firm found that at least two other vulnerabilities are fixed as
well. A post on Oracle's security blog said the patch addressed three "distinct but related vulnerabilities and one security-in-depth issue affecting Java running in desktop browsers." The flaws also included CVE-2012-1682, and CVE-2012-3136."
Comments (7 posted)