We are excited to bring Transform 2022 back in-person July 19 and virtually July 20 - 28. Join AI and data leaders for insightful talks and exciting networking opportunities. Register today!
Oracle patched the hole in Java 7 on Sunday that enabled hackers to steal personal information and use your computer to attack other systems.
The fix comes only after the Department of Homeland Security issued a warning about the hole, urging people to stop using Java until a fix was made available. Cyber-criminals exploited the vulnerability by using websites infected with malware to access Java and get inside a computer system. Hackers could both infect legitimate websites and set up fake websites that looked legitimate in order to trick people into visiting the site. Once there, the virus would work in the background, secretly infecting the system without the victim’s knowledge.
Oracle specifically states that it has changed Java’s security level from medium to high, meaning Java will always ask the user whether it is OK to run the Java web application that is attempting to launch. This is meant to mitigate the “silent attack” approach.
At the time DHS distributed its warning, Apple blacklisted Java completely for any Mac OS X (Mac operating systems) computer to protect its systems. Previously, Apple computers were affected by a hole in Java that enable the Flashback trojan to perform a similar attack. Whether Apple will reinstate Java is unknown.
Oracle notes that in order for the fix to be complete, you must re-enable Java if you previously disabled it, per the DHS’ recommendation.
VentureBeat's mission is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact. Learn more about membership.