dcsimg

Oracle Java Patch Has Security Flaw, Researchers Say

Update fixes one vulnerability but creates another.

WEBINAR:
On-Demand

You Can't Detect What You Can't See: Illuminating the Entire Kill Chain


eWeek: Polish firm Security Explorations says that Oracle's recently released emergency Java patch has a security vulnerability of its own. They say the update could allow attackers to bypass the JVM sandbox. "I cannot share more details about the nature of the new bug. [But] when combined with some of the Apr 2012 issues, this new issue can facilitate a successful code execution attack on latest Java SE 7 Update 7," said Security Explorations CEO Adam Gowdiak.

Oracle is investigating the issue.




Tags: Java, Oracle, security vulnerabilities, update, sandbox


0 Comments (click to add your comment)
Comment and Contribute

 


(Maximum characters: 1200). You have characters left.

 

 

IT Management Daily
Don't miss an article. Subscribe to our newsletter below.

By submitting your information, you agree that datamation.com may send you Datamation offers via email, phone and text message, as well as email offers about other products and services that Datamation believes may be of interest to you. Datamation will process your information in accordance with the Quinstreet Privacy Policy.