Oracle Fixes Java 0-Days …Again (Last Java 6 Patch)

JavaOracle has released an emergency patch to address two critical vulnerabilities in Java 6 and Java 7, CVE-2013-0809 and CVE-2013-1493.

It was just last week that FireEye researchers advised users to disable Java browser plugins following the discovery that cybercriminals were exploiting CVE-2013-1493 to spread McRAT malware.

Oracle had intended to include a fix for the bug in the critical patch update scheduled for April 16th, but decided to release it ahead of time given the ongoing attacks. The company has been aware of the bug since February 1st, 2013.

Oracle recommends that users upgrade to the latest versions of Java, which are now Java 7 Update 17 or Java 6 Update 43 (no word on why Java 7 U16 or Java 6 U42 were skipped).

By the way, Oracle has stated that this will be the last security update for Java 6, so it’s time to update to Java 7 if you wish to continue receiving public updates & security enhancements.

Users can upgrade Java by:

  • Using the built-in auto update feature or manually check for updates through the Java Control panel.
  • Downloading the latest version from java.com.

Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet,  “Like” us on Facebook or add us to your circle on Google+

This entry was posted in Computer Security and tagged , , , .
Follow any comments here with the RSS feed for this post. Trackbacks are closed, but you can post a comment.
  • Lisa Edward

    This is definitely one of the best articles
    I have read in this website! Thanks Mate.

    java
    training in Chennai

© 2014 Hyphenet, Inc.
1761 Hotel Circle S, Suite 350, San Diego, CA 92108

All rights reserved. Reproduction in whole or in part in any form or medium without express written permission is prohibited.

Hyphenet IT Security Blog located at 1761 Hotel Circle South, Suite 350 , San Diego, CA . Reviewed by 91 customers rated: 3.8 / 5