Oracle Knew of Latest Java 0-Day Security Hole In August

Posted by timothy on Friday January 11, 2013 @04:06PM from the when-the-living-is-easy dept.

An anonymous reader writes "After news broke on Thursday that a new Java 0-day vulnerability had been discovered, and was already being included in multiple popular exploit kits, two new important tidbits have come in on Friday. Firstly, this whole fiasco could have been avoided if Oracle had properly patched a previous vulnerability. Furthermore, not only is the vulnerability being exploited in the wild, but it is being used to push ransomware." Meanwhile, writes reader Beeftopia, the U.S. Department of Homeland Security is getting in on the action, and "has warned users to disable or uninstall Java software on their computers, amid continuing fears and an escalation in warnings from security experts that hundreds of millions of business and consumer users are vulnerable to a serious flaw."

3 of 265 comments (clear)

Min score:

Reason:

Sort:

As a wise man once said... by Anonymous Coward · 2013-01-11 16:22 · Score: 0, Funny

"Evil will always triumph, because Java is dumb".
Re:Burned by ILongForDarkness · 2013-01-11 17:08 · Score: 3, Funny

But than how are you going to run Vuze?
Re:AAAAAAAAARRRRRRRRGGGGGHHHHHH NOOOOOOOO! by Anonymous Coward · 2013-01-11 20:03 · Score: 3, Funny

Someone should tell enterprise Java developers that.