Oracle's Java patch leaves a loophole

Posted by Scott_Ruecker on Jan 20, 2013 1:28 PM EDT
The H Open
Mail this story
Print this story

Adam Gowniak is indefatigable: last weekend, Oracle released an emergency patch for the 0day hole in Java, and the security researcher has already found the next loophole. In a posting on the Full Disclosure mailing list, the expert has only revealed that the flawed MBeanInstantiator method inspired him to search for further holes. Brian Krebs had previously mentioned a new exploit that can't be neutralised with Oracle's patch; whether this concerns the same vulnerability remains unclear.

Full Story

  Nav
» Read more about: Story Type: News Story; Groups: Oracle

« Return to the newswire homepage

Subject Topic Starter Replies Views Last Post
Evety system I have access, gets JRE removed &/or Java plug-ins disabled BernardSwiss 1 491 Jan 21, 2013 5:04 AM

You cannot post until you login.