Information Security News mailing list archives

Previous By Date Next
Previous By Thread Next

'Silent but deadly' Java security update breaks legacy apps - dev

From: InfoSec News <alerts () infosecnews org>
Date: Fri, 1 Feb 2013 05:01:51 -0600 (CST)
http://www.theregister.co.uk/2013/01/31/java_security_update/

By John Leyden
The Register
31st January 2013
An application developer reports that the latest Java 7 update "silently" deletes Java 6, breaking applications in the process.
Java 7 update 11 was released two weeks ago to deal with an unpatched vulnerability which had gone mainstream with its incorporation into cybercrook toolkits such as the Blackhole Exploit Kit in the days beforehand. Attacks were restricted to systems running Java browser add-ons. 

But Oracle's response appears to have caused some collateral damage.
JNBridge, which provides Java and .NET interoperability tools, reports that customers of software providers who use its technology came a cropper in cases where users had applied the latest Java update (Java 7u11). The software developer blogged about the issue here. 

[...]


______________________________________________
Visit the InfoSec News Security Bookstore
Best Selling Security Books and More!
http://www.shopinfosecnews.org
Previous By Date Next
Previous By Thread Next

Current thread: