YOUR FRIENDS' ACTIVITY

    Oracle issues Java fix; feds maintain warning

    By RYAN NAKASHIMA | Associated Press – Mon, Jan 14, 2013

    LOS ANGELES (AP) — Oracle Corp. said Monday it has released a fix for the flaw in its Java software that raised an alarm from the U.S. Department of Homeland Security last week. Even after the patch was issued, the federal agency continued to recommend that users disable Java in their Web browsers.

    "This and previous Java vulnerabilities have been widely targeted by attackers, and new Java vulnerabilities are likely to be discovered," DHS said Monday in an updated alert published on the website of its Computer Emergency Readiness Team. "To defend against this and future Java vulnerabilities, consider disabling Java in web browsers until adequate updates are available."

    The alert follows on the department's warning late Thursday. Java allows programs to run within websites and powers some advertising networks. Users who disable Java may not be able to see portions of websites that display real-time data such as stock tickers, graphical menus, weather updates and ads.

    Vulnerability in the latest version, Java 7, was "being actively exploited," the department said.

    Java 7 was released in 2011. Oracle said installing its "Update 11" will fix the problem.

    Security experts said that special code to take advantage of the weakness is being sold on the black market through so-called "Web exploit packs" to Internet abusers who can use it to steal credit card data, personal information or cause other harm.

    The packs, sold for upwards of $1,500 apiece, make complex hacker codes available to relative amateurs. This particular flaw even enables hackers to compromise legitimate websites by taking over ad networks. The result: users are redirected to malicious sites where damaging software can be loaded onto their computers.

    Oracle said it released two patches — to address the flaw highlighted by the government, as well as another flaw that the government said was "different but equally severe."

    As well, the patches set Java's default security level to "high" so that users will automatically be shown a prompt and given a chance to decline malicious software before it loads onto their computers.

    Loading...

    More Science News

     

    News for You »

    • Even Cavendish surprised by fourth stage win

      By Alasdair and Fotheringham CHERASCO, Italy, May 17 - A series of small but challenging climbs late on Friday's stage of the 2012 Giro d'Italia could not stop Britain's Mark Cavendish taking his fourth stage win and second in two days. Italy's Vincenzo Nibali remained overall leader but it was sprinter Cavendish who stole the show again after compatriot and pre-race favorite Bradley Wiggins failed to start the 254 kilometer stage, the longest in this year's Giro. In a bunch sprint finish Cavendish outgunned Italy's Giacomo Nizzolo and Slovenia's Luka Mezgec. ...

    • What We Know About the Record Breaking Powerball Jackpot's Mystery Winner

      The frenzy for last minute tickets is over. The numbers have been picked out. Somewhere, a single person is $590.5 million richer. Last night's record Powerball jackpot has a winner but we have no idea who that person is yet. 

    • Kanye West's Angry 'SNL' Rant Makes Saturday's Season Finale a Must-Watch

      This coming weekend is a big one for Saturday Night Live. It marks the end of Bill Hader's tenure on the show and Ben Affleck's fifth time hosting. But perhaps the most significant reason to tune in is the fact that Kanye West is the musical guest, and he's making it seem like he really, really doesn't want to be. With West's apparent frustration with the show and his penchant for, shall we say ... off-the-cuff remarks, producers should be worried and we should be excited. Is there a better combo than that?

    • 'American Idol' Finale: The End of an Era

      RELATED: 'American Idol': Cry Me a River

    • American Idol Candice Glover Talks Emotional 'Ugly Cry' & Her First Thoughts After Win

      Candice Glover was crowned "American Idol's" twelfth winner on Thursday night - and after the show, she was still soaking it all in.

    • After nearly 30 years, Camp Lejeune coming clean

      CAMP LEJEUNE, N.C. (AP) — Purple wildflowers sprout in abundance around the bright-yellow pipe, one of several jutting from the sandy soil in this unassuming patch of grass and mud. A dirty hose runs from the pipe to an idling truck and into a large tank labeled, "NON-POTABLE WATER."

    • A record Powerball jackpot isn't a record to celebrate

      When the 43-state Powerball lottery jackpot hit a record at $600 million Friday, many Americans who would otherwise not gamble rushed out to buy the $2 tickets. “Just on the off-chance,” many probably said.

    • The President's Umbrella Scandal Folded Before It Could Take Off

      There was a brief moment where some conservative were trying to make a scandal out of the President's moment in the rain on Thursday. But unfortunately that scandal died before it could really take off. During his Thursday press conference with Turkish Prime Minister Recep Erdogan, a Marine officer held an umbrella over the President's head to protect him from the rain. There were many problems with this, according to a select group of people. 

    Show More
    Loading...

    Follow Yahoo! News