Dan Goodin at Ars Technica pointed out a new Java exploit in-the-wild. It only hits those users who are not up-to-date with the latest versions of Java from Apple and Oracle. So if you use Java on the Internet and you have installed the latest update, you're fine. (^_^)If you use Java on the Internet and you have NOT installed the latest versions of Java: UPDATE NOW BUDDY! Or get PWNed. (0_o)
Java users beware: Exploit circulating for just-patched critical flaw
If you haven't installed last week's Java update, now would be a good time.
In the past few days, attack code targeting one of the many remote-code-execution vulnerabilities fixed in Java 7 Update 21 was folded into either the folded into the RedKit or CrimeBoss exploit kit. By Sunday, that attack code was being actively unleashed on unsuspecting end users, according to a short blog post published by a researcher from antivirus provider F-Secure.Apple's current Java 6 updates are here:
http://support.apple.com/downloads/DL1573/en_US/JavaForMacOSX10.6.Update15.dmg
http://support.apple.com/downloads/DL1572/en_US/JavaForOSX2013-003.dmg
Oracle's current Java 7 update is here:
http://www.java.com/en/download/mac_download.jsp
No comments:
Post a Comment