Threat Post

Broken 2013 Java Patch Leads to Sandbox Bypass

A patch for a critical 2013 Java vulnerability is incomplete, and exposes Java servers and clients to a sandbox bypass, researchers at Security Explorations of Poland said. Java’s miserable 2013 just ...
Dark Reading

No Java Patch For You: 93 Percent Of Users Run Older Versions Of The App

Despite growing awareness of the dangers of Java bugs and exploits, plus Oracle's update of the app in mid-April, some 93 percent of users still aren't running the latest version of the beleaguered ...
Threat Post

Oracle Rushes Emergency Java Update to Patch McRAT Vulnerabilities

Oracle has once again released an emergency Java update to patch zero-day vulnerabilities in the browser plug-in, the fifth time it has updated the platform this year. Today’s update patches ...
Fox News

Bogus Java patch drops malware on your PC

For anyone rushing to patch their Java software after the discovery of last week's critical flaw, a word of caution: There's a malware injector going around pretending to be a Java update. "The use of ...
PC World

Two-year-old Java flaw re-emerges due to broken patch

A patch for a critical Java flaw released by Oracle in 2013 is ineffective and can be easily bypassed, security researchers warn. This makes the vulnerability exploitable again, paving the way for ...