Here we go again: Critical flaw found in just-patched Java
Emergency fix rushed out half-baked
I am hoping that although the news sites feel that Oracle will not release a patch, the fact that this exploit can affect ANY version of their product will push the release of any patches as they are created! According to Sophos
, "Oracle officially fixed four CVEs
, presumably covering five vulnerabilities." IMHO that's not bad for a company that usually does not release out-of-cycle patches.
The question is: how does that patch work against the new campaign mimicking the recent Microsoft terms of service e-mail
I tried out the click-to-play options in Firefox and Chrome, and I think it's a way better experience, my tablet always did this and I am happy to have it in my browser. I was looking for a way to replicate the experience
in IE9, but I have not had a chance to test it yet, I am hoping you can do the same with Java as Adobe Flash in that article.
Interested to see how this develops!
Meditate. Elevate. Appreciate. | "Life is a journey, love is the destination, happiness is the path!"
If I am helping you and have not responded within 48 hours, please send me a PM.
Vi Veri Universum Vivus Vici (VVVVV)Excellent Security AdviceProud member of UNITE