Slashdot Mirror


Oracle Knew of Latest Java 0-Day Security Hole In August

An anonymous reader writes "After news broke on Thursday that a new Java 0-day vulnerability had been discovered, and was already being included in multiple popular exploit kits, two new important tidbits have come in on Friday. Firstly, this whole fiasco could have been avoided if Oracle had properly patched a previous vulnerability. Furthermore, not only is the vulnerability being exploited in the wild, but it is being used to push ransomware." Meanwhile, writes reader Beeftopia, the U.S. Department of Homeland Security is getting in on the action, and "has warned users to disable or uninstall Java software on their computers, amid continuing fears and an escalation in warnings from security experts that hundreds of millions of business and consumer users are vulnerable to a serious flaw."

1 of 265 comments

  1. Whoopty freaking do by symbolset · Score: 1, Troll

    Everybody who wanders in those circles knew about this one years ago. This is not the dawn of some new discovery - it's just when it became common knowledge to the rest of you. Java is crap nobody in their right mind would run in a browser. The "do not use" public warnings overlap each other. IE likewise is crap, pwned six ways from Sunday in every way possible - it's rapetacular. Office and Windows itself are just as bad, or worse. Calling it 0-day is kind of funny considering this is the normal condition all day every day.

    There are dozens more as bad or worse in Java, and scores in all versions of IE that are freely passed around by those who know and let out to the press only after they become common enough to be worth discarding. A few are so precious that only dozens know about them, and will be present until long after the current versions of this software bundles have been deprecated. These are the few nation-states use to meddle with each other. The disclosures overlap, so your Windows PC will not ever be and cannot ever be what a reasonable IT pro would consider "secure".

    Proof. Some retard is going to ask me for proof again, probably yet another Microsoft Intern with absolute faith that This Is The Last Exploit. I don't have to give proof. Giving proof would defeat the purpose. Just wait and the proofs will be revealed unto you in time. Microsoft themselves have acknowledged that these come so often they can't be bothered to fix them as they are revealed and schedule fixes monthly, on "patch Tuesday". Pathological exams reveal these same exploits have been present and used for 15 years or more quite frequently. One year from now at least a dozen more that many know that you do not will be in this way revealed, and in the process that they had been used for a long time since before now also. That is my proof.

    Some few though... they will not be found out. Those few are precious, secret and reserved. They give us access to your darkest secrets. We save those for the most important people.

    --
    Help stamp out iliturcy.