{"id":68512,"date":"2013-01-15T08:44:26","date_gmt":"2013-01-15T06:44:26","guid":{"rendered":"http:\/\/mybroadband.co.za\/news\/?p=68512"},"modified":"2013-01-15T09:53:19","modified_gmt":"2013-01-15T07:53:19","slug":"java-security-exploits-patched-by-oracle","status":"publish","type":"post","link":"https:\/\/mybroadband.co.za\/news\/security\/68512-java-security-exploits-patched-by-oracle.html","title":{"rendered":"Java security exploits patched by Oracle"},"content":{"rendered":"<p><a title=\"Oracle\" href=\"http:\/\/mybroadband.co.za\/vb\/showthread.php\/286693-Oracle\">Oracle<\/a> on Monday was distributing a patch for <a title=\"Java\" href=\"http:\/\/mybroadband.co.za\/vb\/showthread.php\/422412-Java\">Java<\/a> software flaws deemed so dangerous that the US Department of Homeland Security said that people should stop using it.<\/p>\n<p>&#8220;Oracle recommends that this Security Alert be applied as soon as possible because these issues may be exploited &#8216;in the wild&#8217; and some exploits are available in various hacking tools,&#8221; Oracle&#8217;s Eric Maurice said in a blog post.<\/p>\n<p>The patch was crafted to fix two holes that hackers could slip through in Java 7 software used by web browsers to interact with websites.<\/p>\n<p>&#8220;To be successfully exploited, an attacker needs to trick an unsuspecting user into browsing a malicious website,&#8221; Maurice said.<\/p>\n<p>&#8220;The execution of the malicious applet within the browser of the unsuspecting users then allows the attacker to execute arbitrary code in the vulnerable system.&#8221;<\/p>\n<p>Essentially, hackers could take advantage of the vulnerability to infect and take control of computers by getting them to visit a booby-trapped website.<\/p>\n<p>Oracle raised Java security settings so that mini-programs referred to as &#8220;applets&#8221; will need to get permission from website visitors before being able to run on people&#8217;s computers, according to Maurice.<\/p>\n<p>Despite the patch, which was released by Oracle on Sunday, computer specialists at the Department of Homeland Security advised people to avoid using the software &#8220;unless it is absolutely necessary,&#8221; even after updating.<\/p>\n<p>&#8220;This will help mitigate other Java vulnerabilities that may be discovered in the future,&#8221; the DHS Computer Emergency Readiness Team said Monday in an updated advisory on its website.<\/p>\n<p>Java is distributed by business software powerhouse Oracle and is popular because it lets developers create websites in code that can be accessed regardless of a computer&#8217;s operating system.<\/p>\n<p>Java was created by <a title=\"Sun Microsystems\" href=\"http:\/\/mybroadband.co.za\/vb\/showthread.php\/481698-Sun-Microsystems\">Sun Microsystems<\/a>, which was purchased by Northern California-based Oracle.<\/p>\n<h3 class=\"my-4\">More security news<\/h3>\n<p><strong><a title=\"Permanent Link to Java security warning from US\" href=\"http:\/\/mybroadband.co.za\/news\/security\/68356-java-security-warning-from-us.html\" rel=\"bookmark\">Java security warning from US<\/a><\/strong><\/p>\n<p><strong><a title=\"Permanent Link to VLC media player security problem\" href=\"http:\/\/mybroadband.co.za\/news\/security\/68420-vlc-media-player-security-problem.html\" rel=\"bookmark\">VLC media player security problem<\/a><\/strong><\/p>\n<p><strong><a title=\"Permanent Link to Security forecast for 2013\" href=\"http:\/\/mybroadband.co.za\/news\/security\/66932-security-forecast-for-2013.html\" rel=\"bookmark\">Security forecast for 2013<\/a><\/strong><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Oracle distributes a patch for Java software flaws deemed so dangerous that the US Department of Homeland Security said that people should stop using it.<\/p>\n","protected":false},"author":35,"featured_media":58623,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[27],"tags":[36,1441,199,10582,3372,17780],"class_list":["post-68512","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-security","tag-active","tag-cybercrime","tag-hackers","tag-java","tag-oracle","tag-security-exploit"],"_links":{"self":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts\/68512"}],"collection":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/users\/35"}],"replies":[{"embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/comments?post=68512"}],"version-history":[{"count":1,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts\/68512\/revisions"}],"predecessor-version":[{"id":68514,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts\/68512\/revisions\/68514"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/media\/58623"}],"wp:attachment":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/media?parent=68512"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/categories?post=68512"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/tags?post=68512"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}