Oracle releases Java patch but users not yet safe

Following a United States Department of Homeland Security warning to computer users to disable their Java plug-ins due to a major vulnerability, Oracle Corp. over the weekend, issued a security patch to fix the problem.

The patch can be accessed through this link or through the Java control panel.
Image from

However, Adam Goldhawk, a researcher with Security Explorations, a security and vulnerability company based in Poland, said the firm could not tell users that it is safe to use Java as yet, according to a report from The report said that some experts are recommending that organizations remove Java from their browsers unless they have no alternative to use it because the patch may have left some security flaws untouched.


U.S. says Java should be disabled
Malware targets Java HTTP servers

Last week, the US DHS’s Computer Emergency Readiness Team (CERT) advised users and administrators to temporarily disable Java on their computers to avoid hacking attacks.

On Saturday, Oracle issued a statement saying the company was aware of a flaw in Java software integrated with Web browsers. The company said the vulnerability was only in the JDK 7 version of the software and that Java apps directly installed on servers and other devices are not affected.

Read the whole story here