Round: Infinity – Yet Another New Security Hole Found in Latest Java Release

By Akemi Iwaya on February 25th, 2013

Last week Oracle released its latest update for Java, but another security hole has just been found that could allow a complete bypass of the security sandbox feature. Details of the latest exploit have been sent to Oracle and the waiting game for a new update starts all over again.

The latest exploit affects the ‘Java 7’ releases (older and current) by allowing the abuse of the Java Reflection API feature. While the details of the newest exploit are being kept under wraps at the moment, you can rest assured that malware authors are going to do their best to learn the details and make use of the new exploit as soon as possible. Unless you absolutely need it, you should disable or uninstall Java from your systems using our guide:

Java is Insecure and Awful, It’s Time to Disable It, and Here’s How

Something else to keep in mind is that malware authors are actively exploiting a security hole in the older ‘Java 7 Update 11’ release. If you know of someone using this version, then make sure they are aware of the risk and suggest that they disable Java on their systems at a minimum.

You can also read more about how a Java exploit was used to infect computers belonging to Microsoft and Apple in the Security News section of our latest Week in Geek post.

[via Softpedia, Ars Technica, and Sophos Naked Security Blog]

Akemi Iwaya is a devoted Mozilla Firefox user who enjoys working with multiple browsers and occasionally dabbling with Linux. She also loves reading fantasy and sci-fi stories as well as playing "old school" role-playing games. You can visit her on Twitter and .

  • Published 02/25/13
More Articles You Might Like

Enter Your Email Here to Get Access for Free:

Go check your email!