Click to Skip Ad
Closing in...

Oracle’s emergency Java patch opens the door to more vulnerabilities

Updated Dec 19th, 2018 8:34PM EST
BGR

If you buy through a BGR link, we may earn an affiliate commission, helping support our expert product labs.

After an exploit in the latest Java 7 framework was discovered, Oracle (ORCL) responded with an emergency patch to fix the problem. The company’s quickness, however, may have opened the door to more vulnerabilities in the Java software. While the patch fixed the original exploit, it introduced a new vulnerability that allows an attacker to bypass the Java Virtual Machine sandbox. Researchers at Security Explorations discovered the exploit and have sent a proof of concept to Oracle, and they are currently waiting to hear back. The research firm has not released the code to the public, although it plans to write a technical paper on the issue once it has been patched. The latest exploit follows a string of vulnerabilities found in Java over the past year.

[Via ZDNet]

Read

Dan joins the BGR team as the Android Editor, covering all things relating to Google’s premiere operating system. His work has appeared on Fox News, Fox Business and Yahoo News, among other publications. When he isn’t testing the latest devices or apps, he can be found enjoying the sights and sounds of New York City.