Yes, it is patched against the specific exploit vectors that have currently been discussed.
It is unclear whether or not other as-yet-too-difficult-to-pursue avenues have been also addressed by this patch. * * *ASB* *http://XeeMe.com/AndrewBaker* *Harnessing the Advantages of Technology for the SMB market… * On Thu, Aug 30, 2012 at 2:15 PM, S Powell <[email protected]> wrote: > according to cert: > http://www.kb.cert.org/vuls/id/636312 > > "This issue is addressed in Java 7 Update 7. Also consider the > following workarounds:" > > so I guess the real question is, is it really patched? > > > > ----------------- > "Choose the highest bidder" was my answer when they told me I was up for > sale. > > > On Thu, Aug 30, 2012 at 11:03 AM, David Lum <[email protected]> wrote: > > "After an exploit for them has been added to the Blackhole exploit kit, > the number of sites functioning as entrance points for malware has risen > exponentially. According to Patrik Runald, director of security research at > Websense, the company has already spotted over 100 unique domains serving > the Java exploit. > > > > "The number is definitely growing...and because Blackhole has an > updatable framework and already has a foothold on thousands of sites, we > anticipate that the number of sites compromised with this new zero-day will > escalate rapidly in the coming days," he told Gregg Keizer." > > > > - and - > > > > "According to researchers from Security Explorations, who found the two > flaws and reported them to Oracle back in April, the monthly status report > they received from Oracle less than a week ago shows that both flaws have > been addressed." > > > > Full article: http://www.net-security.org/secworld.php?id=13507 > > > > David Lum > > Systems Engineer // NWEATM > > Office 503.548.5229 // Cell (voice/text) 503.267.9764 > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
