The security of Oracle's Java software framework, installed on some
three billion devices worldwide, is taking a turn for the worse,
thanks to an uptick in attacks targeting vulnerabilities that will
never be patched and increasingly sophisticated exploits, security
researchers said.
The most visible sign of deterioration is in-the-wild attacks
exploiting unpatched vulnerabilities in Java version 6, Christopher
Budd, threat communications manager at antivirus provider Trend
Micro, wrote in a blog post published Tuesday. The version, which
Oracle stopped supporting in February, is still used by about half
of the Java user base, he said. Malware developers have responded by
reverse engineering security patches issued for Java 7, and using
the insights to craft exploits for the older version. Because Java 6
is no longer supported, those same flaws will never be
fixed.
via [1]Security of Java takes a dangerous turn for the worse, experts
say | Ars Technica.
__________________________________________________________________
My original entry is here: [2]Security of Java takes a dangerous turn
for the worse, experts say | Ars Technica. It posted Thu, 12 Sep 2013
21:26:00 +0000.
Filed under: InfoSec, java, oracle
References
1. http://arstechnica.com/security/2013/09/security-of-java-takes-a-dangerous-turn-for-the-worse-experts-say/
2. https://www.prjorgensen.com/2013/09/12/security-of-java-takes-a-dangerous-turn-for-the-worse-experts-say-ars-technica/