Due to the high level of risk and discussion in the IT industry, Oracle released a few hours ago, a fix for the Java 7, which was previously found a serious vulnerability, allowing a malicious files on your computer.
Recall that the company intends to release quarterly patch set tomorrow, where will eliminate 86 vulnerabilities, but considered Java-vulnerability was particularly well publicized and on its basis have appeared of malware that has forced Oracle to release a fix as soon.
The specified vulnerability of CVE-2013-0422 since Friday is included into couple of the most popular systems of testing of vulnerabilities, and on the Internet already there were the sites uses this vulnerability.
The blog at the same time with the release of Oracle Java 7 Update 11 there was a record of Eric Morris, who said that Oracle calls as soon as possible to install an updated version of the system. He also noted that in the network there are at least a couple of different Java-applets that use of compromised Web sites.
In addition to the highly publicized vulnerability, Update 11 has been removed and other dangerous vulnerability CVE-2012-3174, which also works through a web browser.
In addition, the Oracle said that after installing Update 11 custom security settings in Java automatically go with Advanced Security.
Recall that a few days ago, many IT consultants and government agencies urged to stop using Java 7 for as long as Oracle does not resolve the two aforesaid problems because they really pose a threat to data on computers around the world. However, even after the release of updated independent experts do not rush to reassure users, as a number of old problems that Oracle has long been pointed out, there are still in the code Java.
The Polish IT company Security Explorations, which was one of the first to warn about the serious bug in Java, said that there are several serious bugs in the new Java, and they are drawn from the last year. “We have not yet recommended to re-use Java-plugin” – says Adam Govdiak, a security of the Polish company.