Home >> Security

Five new Java fixes released

By: Nestor E. Arellano On: 20 Feb 2013 For: Computing Canada Creator

Oracle promises to accelerate patch cycle amid growing concern over its ability to keep Java safe

Oracle Corp. yesterday announced plans to hasten its Java patch cycle even as it rolled out five new fixes for the embattled software which has been under attack by malware exploiting zero-day vulnerabilities.

Oracle's announcement came on a day when Apple Inc. reported that it suffered a malware attack tied of a vulnerability in a Java plug-in for browsers.

Apple said it has isolated the infected systems from the rest of its network and that there was "no evidence" that any data was stolen.

Java 7 Update 15 and Java 6 Update 41, tackle five vulnerabilities which an earlier emergency Java update on February 1 failed to take care of.

Image from ShutterStock.com

“Oracle’s intent is to continue to accelerate the release of Java fixes, particularly to help address the security worthiness of the Java Runtime Environment (JRE) in desktop browsers,” Eric Maurice, director of software security assurance at Oracle, wrote in a blog yesterday. “As a result, we will be issuing a Critical Patch Update to Java SE on April 16, 2013 at the same time as the normally scheduled Critical Patch Update for all non-Java products.”

The next schedule releases for Critical Patch Update for Java SE will be: April 16, June 18, October 15 this year and January 14, 2014

In statement yesterday, Apple said malware infected the compay's computers through a Web site for software developers. The company said it is releasing a tool for Mac users which scans the machines and removes the Java malware.

All but one of the vulnerabilities fixed on Tuesday apply to client deployment of Java. Four of the five flaws dealt with can be exploited through Java Web Start Applications on PC and Java applets in browsers.

Three of those four vulnerabilities are rated 10 on the Common Vulnerability Scoring System scale. That is the highest rating which means they are critical and could completely compromise the integrity and availability of systems that have Java running on administrator privilege, said Maurice.

The impact will be less on systems such as Linux or Solaris where Java does not have administrator privileges.

For more information and to download the updates click here

< Previous

Sign up for our Newsletters

Tags: security patches, software vulnerabilities, software development

Close X

Your Name:

Your E-mail:

Friend's Name:

Friend's E-mail:

Close X

| Views: 1944 | Rating:

(0 votes)

Rate this article on a scale of
1 to 5 stars,5 being the best.

Close X

Page 1 | 2

Quick Access

Video Conferencing Cloud Computing Resource Centre CIO Canada's Brainstorm Centre CIO Canada Debate IdeaCity Conference June 18-20 - Toronto

Nestor E. Arellano – Newswire Specialist Nestor edits and posts newswire content for ITWorldCanada’s online publications and e-newsletters. Nestor joined ITWC in 2006 as a senior writer an... more

Recent Canadian IT Jobs

more: IT Jobs , Post A Job

blog comments powered by Disqus

Related Videos

Building an Enterprise IT Security Training Program

Building an Enterprise IT Security Training ProgramOver 50% of security breaches are a result of end-user error, oversight, and ignorance. IT security training is an effective method of reducing end-user related security breaches.

Cloud Computing: Extending the Network (3 of 3)

Cloud Computing: Extending the Network (3 of 3)The end goals of private cloud computing are to; Enable efficient delivery of IT resources and services; Give the enterprise complete control over data; Enable choice in technologies and service providers

Cloud Computing: Getting to One Network (1 of 3)

Cloud Computing: Getting to One Network (1 of 3)In this first video of the series, the team will take you through how to consolidate the different types of traffic onto a single, general-purpose, high-performance, highly available network that greatly simplifies the network infrastructure and redu

Cloud Computing: The Unified Compute Model (2 of 3)

Cloud Computing: The Unified Compute Model (2 of 3)In this second video, the team will look at how to unite computing, networking, storage access, and virtualization into a single cohesive system. The Unified Compute model prepares you for cloud computing. This will be discussed in the next and fin

Professors warn of arms race in cyberspace

Professors warn of arms race in cyberspaceAt a panel discussion organized by Osgoode Hall, professors Ronald Deibert and Stephane Leman-Langlois discussed the attacks on Google Inc. and the challenges of working in countries such as China.

Computing Canada Poll

Read the Computing Canada articles you made happen.

• Democratizing Business Continuity
• Agility and efficiency through virtual switching

* Sponsored by Microsoft

Related White Papers

Getting a better grip on mobile devices - IBM Software provides solutions and strategies for managing both employee-owned and enterprise-owned equipment.

2012 Bit9 Cyber Security Research Report - The 2012 Bit9 Cyber Security Research Report presents the perspectives of more than 1,800 IT professionals on the world of advanced cyber threats.

Realistic Security, Realistically Deployed: Today's Application Control and Whitelisting - With today's sophisticated and constant barrage of cyber-threats defenses focused on a blacklist "permit-all-except" philosophy are doomed to fail. Modern security requires an application control and whitelisting approach.

Advanced Threat Landscape: What Organizations Need to Know - Combating today's cyber-threats requires an approach based on trust, not the blacklisting security strategies of the past.

IFCG Addresses Privacy and Data Security in a Regulated Industry Through a Managed Security Services Provider - IFCG turned to No Panic Computing (NPC) to provide security-hardened laptops, monitored and managed 24/7, boasting biometric access, encrypted hard drives, sophisticated anti-virus monitoring and an OS optimized for performance and data protection.

more: White Papers