It seems that Oracle’s Java program is constantly being patched for security holes. A new security exploit has been discovered which gets around a sandbox feature Java has in place to help prevent security holes. Adam Gowdiak who discovered the Java security exploit has verified the issue with a proof-0f-concept last week and reported it to Oracle Tuesday. Oracle has verified that the exploit exists. It is not currently known if there are any people taking advantage of this exploit. Java is used on computers, cell phones, game consoles and even some cars. Oracle says Java runs on 1.1 billion desktop computers.
Who Is Effected?
It has been found that this exploit is more serious than many previous ones. The exploit effects all Java versions from SE5 to the latest SE 7 Update 7 in all browsers in both PC Windows and MAC computers.
So What Should I Do?
Oracle’s next scheduled update is set for October 16th, but they haven’t announced if this particular exploit will be patched during this update. If you want to be extra safe you can either disable Java or uninstall it on your computer until it is patched. You can disable it in Internet Explorer by going into Internet Options, Programs, selecting Manage add-ons and find and disable Java. Disabling Java, though, can cause some web pages or programs that require it not to work.
Our customers who are on our managed IT service plan will receive Java security updates automatically from us when released. We will push these updates to all your computers and servers and will receive alerts if the updates are not installed or are missing. For anyone wanting more information on our managed IT services call us at 406-414-0532.
Bigsky Computer Solutions