Oracle Rushes Emergency Java Update To Patch McRAT Vulnerabilities 165
msm1267 writes "Oracle has once again released an emergency Java update to patch zero-day vulnerabilities in the browser plug-in, the fifth time it has updated the platform this year. Today's update patches CVE-2013-1493 and CVE-2013-0809, the former was discovered last week being exploited in the wild for Java 6 update 41 through Java 7 update 15. The vulnerability allows for arbitrary memory execution in the Java virtual machine process; attackers exploiting the flaw were able to download the McRAT remote access Trojan."
Re:Only one program I miss (Score:4, Interesting)
Re:Only one program I miss (Score:3, Interesting)
OpenJDK .. (Score:4, Interesting)
Re:Only one program I miss (Score:4, Interesting)
Re:Uninstall (Score:3, Interesting)
Re:LOL (Score:5, Interesting)
Relying on software enforcement for security is just asking for trouble.
[1] The factor of 30 comes from seL4 which, to mu knowledge, is the formally verified project that managed the smallest overhead. Other estimates from other projects are 100 or more times the cost.