according to cert: http://www.kb.cert.org/vuls/id/636312
"This issue is addressed in Java 7 Update 7. Also consider the following workarounds:" so I guess the real question is, is it really patched? ----------------- "Choose the highest bidder" was my answer when they told me I was up for sale. On Thu, Aug 30, 2012 at 11:03 AM, David Lum <[email protected]> wrote: > "After an exploit for them has been added to the Blackhole exploit kit, the > number of sites functioning as entrance points for malware has risen > exponentially. According to Patrik Runald, director of security research at > Websense, the company has already spotted over 100 unique domains serving the > Java exploit. > > "The number is definitely growing...and because Blackhole has an updatable > framework and already has a foothold on thousands of sites, we anticipate > that the number of sites compromised with this new zero-day will escalate > rapidly in the coming days," he told Gregg Keizer." > > - and - > > "According to researchers from Security Explorations, who found the two flaws > and reported them to Oracle back in April, the monthly status report they > received from Oracle less than a week ago shows that both flaws have been > addressed." > > Full article: http://www.net-security.org/secworld.php?id=13507 > > David Lum > Systems Engineer // NWEATM > Office 503.548.5229 // Cell (voice/text) 503.267.9764 > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to [email protected] > with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
