Home arrow Java & J2EE arrow Page 2 - Oracle Patch Fixes 21 Java Vulnerabilities

Vulnerabilities Fixed - Java

Oracle recently released Java's Critical Patch Update, or CPU, for February. In other words, if you have not updated Java, now is the time to do so. Oracle only releases CPUs for Java four times per year, and this month's update fixes 21 vulnerabilities. The next CPU is set to be released on June 7, 2011.

  1. Oracle Patch Fixes 21 Java Vulnerabilities
  2. Vulnerabilities Fixed
By: wubayou
Rating: starstarstarstarstar / 1
February 24, 2011

print this article



Of the 21 vulnerabilities, 19 can be exploited remotely by hackers via a network. Even more alarming is that they can be exploited without a username or password. While the vulnerabilities susceptible to remote attacks are of concern, there are even more pressing issues. Eight of the vulnerabilities have a 10.0 rating on the CVSS, or Common Vulnerability Scoring System. The CVSS is the industry standard that is used to rate the severity of security vulnerabilities in computer systems, and 10.0 is the highest rating on the scale.

Java has a rather poor recent history when it comes to exploitation, and the blame has been divided amongst the technology's users and Oracle. Oracle's patching with Java has been criticized for its lack of effectiveness and poor design. Many believe this is the reason why so many users have failed to update Java in the past. Statistics from 2010 reflect Java's updating problem and the disconnect with its users.  Cisco, a networking vendor, reported that Java was exploited 3.5 times more than Adobe's PDF Reader last year, earning it the dubious label of the most exploited client-side technology on the market.

For more on this topic, visit http://www.esecurityplanet.com/patches/article.php/3925146/Oracle-Updates-Java-for-21-Vulnerabilities.htm

>>> More Java & J2EE Articles          >>> More By wubayou

blog comments powered by Disqus
escort Bursa Bursa escort Antalya eskort


- More Java Bugs Lead to More Attacks
- Oracle's Java One Brings News, Surprises
- Oracle Patches Java Runtime Environment
- Apple Syncs Java Update with Oracle
- Spring 3.1 Java Development Framework Compat...
- Jelastic Java PaaS Availability and Pricing ...
- NetBeans 7.1 Released, Supports JavaFX 2
- SolarWinds Releases Newest Version of Java M...
- Free Monitoring Tool for Java Apps on Heroku
- Heroku Adds JCloud Platform Support, Java 7 ...
- Java SE 8 Speculation in Full Swing
- Java SE 7 Now Available
- New JVM Language and Java Reporting Tool
- Java 7 Release Update and New Eclipse Toolkit
- The Best Java Netbeans IDE Plugins

Developer Shed Affiliates


Dev Shed Tutorial Topics: