Oracle
has released Java SE 7 Update 11 to address the vulnerability. It
"strongly recommends" that Java SE 7 users upgrade immediately.
What's
worse is this particular exploit is reportedly being used to push ransomware, a type of attack
that demands users pay to have control of their computers returned from a
hacker's grasp.
Java's
creator, Oracle, hasn't specified the number of users who have downloaded Java
7 Update 10. However, Java runs on more than 850 million computers and other
devices. When Oracle released Update 10, it "strongly recommended"
that users update to receive "key security features and bug fixes."
The
exploit was first discovered by French researcher Kafeine, who claimed to have found it running on a site
registering hundreds of thousands of page views daily.
"This
could be a [sic] mayhem," Kafeine wrote.
Should
you be worried about this exploit? While security lapses are sometimes
overblown, there are good reasons to take this one seriously: The U.S.
Department of Homeland Security issued a warning advising users to disable Java until a fix is
discovered. Apple has apparently moved to disable Java in response to the threat.
Mozilla took the opportunity to warn users and advertise "Click
to Play," a Firefox feature which stops Java from loading on individual
web sites until a user allows it. Many security experts are advising users disable or uninstall Java
for the time being.
Our
advice? It's probably a good idea to disable or uninstall Java until a fix is
published. You can find out how to do that right here: How to disable Java in your web browser. How to uninstall Java for Mac. How to uninstall Java for Linux. [Mashable]
You can follow me on Twitter, add me to your
circles on Google+ or Subscribe to
me on facebook or YouTube. You can also
check my website and blog to keep yourself
updated with what is happening in the ever changing world of technology
No comments:
Post a Comment