Java 6 (left) does not appear to display the vulnerability in Java 7 (right).
According to US CERT, there is a zero-day vulnerability in Java 7. According to Brian Krebs in his commentary about the issue and my inspection of the Java Control Panel (see picture), this vulnerability only seems to exist in Java 7 and not Java 6. The Java Run-Time Environment (JRE) 1.6 update 38 can be downloaded for Windows, Linux, and Solaris from Oracle. At the time of writing the end of life for Java 6 was already announced.
No comments:
Post a Comment