Oh no! A security firm is advertising somebody trying to make money by selling a patch to an exploit without providing any link to said sale (conveniently posted on a for-pay web site) nor evidence to back up their claim.
What are we gonna do? What are we gonna do? -- Cédric On Mon, Dec 3, 2012 at 6:05 AM, Casper Bang <[email protected]> wrote: > > > On Thursday, October 25, 2012 10:13:09 AM UTC+2, Casper Bang wrote: >> >> Unfortunately, it seems that Oracle will wait 4 months with patching this >> hole: >> http://www.h-online.com/**security/news/item/Security-** >> researcher-experiments-with-**patching-Java-1735346.html<http://www.h-online.com/security/news/item/Security-researcher-experiments-with-patching-Java-1735346.html> >> > > Aaaaand here we go, exploit on sale to highest-bidder: > > http://krebsonsecurity.com/2012/11/java-zero-day-exploit-on-sale-for-five-digits/ > > > -- > You received this message because you are subscribed to the Google Groups > "Java Posse" group. > To view this discussion on the web visit > https://groups.google.com/d/msg/javaposse/-/8BrcJEa3reoJ. > > To post to this group, send email to [email protected]. > To unsubscribe from this group, send email to > [email protected]. > For more options, visit this group at > http://groups.google.com/group/javaposse?hl=en. > -- You received this message because you are subscribed to the Google Groups "Java Posse" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/javaposse?hl=en.
