Today's Hard|Forum Post
Today's Hard|Forum Post

Friday January 18, 2013

Latest Java Update Broken

Why can't these guys seem to get anything right?

"We have successfully confirmed that a complete Java security sandbox bypass can be still gained under the recent version of Java 7 Update 11," Java security researcher Adam Gowdiak of Security Explorations in Poland wrote a short while ago on the Full Disclosure mailing list. Gowdiak said his organization reported two new flaws to Oracle today, along with working proof-of-concept code, a single exploit that relies on two vulnerabilities.