Java Exploit Patched? Not So Fast

PCM2 writes "The Register reports that Security Explorations' Adam Gowdiak says there is still an exploitable vulnerability in the Java SE 7 Update 7 that Oracle shipped as an emergency patch yesterday. 'As in the case of the earlier vulnerabilities, Gowdiak says, this flaw allows an attacker to bypass the Java security sandbox completely, making it possible to install malware or execute malicious code on affected systems.'"

Re:Arrrrrg

[Jeremiah Cornelius]

Oracle should be "patched" by Anonymous.

WORE

[tobiasly]

Oracle should be commended for finally bringing their "Write Once, Run Everywhere(tm)" vision to the exploit community.

Re:WORE

[sjames]

Honest to God, when I glanced at the subject, I read it as "WHORE" which seems somewhat apt for Java these days.

Re:Arrrrrg

[LordLimecat]

Sandbox [Java VM] externally

Using what, a VM?

Yo dawg, I heard you liked virtual machines...

Not so fast

[MobileTatsu-NJG]

Not so fast.

Isn't that Java's mission statement?