An anonymous reader writes "After the Department of Homeland Security's US-CERT warned users to disable Java to stop hackers from taking control of users' machines, Oracle issued an emergency patch on Sunday. However, HD Moore, chief security officer of Rapid7, said it could take two years for Oracle to fix all the security flaws in the version of Java used to surf the web; that timeframe doesn't count any additional Java exploits discovered in the future. 'The safest thing to do at this point is just assume that Java is always going to be vulnerable,' Moore said."
Attend or create a Slashdot 20th anniversary party! DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Check out the new SourceForge HTML5 Internet speed test. ×