Over on Threatpost, Dennis Fisher has a story about a serious Java vulnerability that leaves users running any of the current versions of Windows open to simple Web-based attacks that could lead to a complete compromise of the affected system.
The flaw was disclosed publicly this week by two separate researchers. One of the researchers, Tavis Ormandy of Google, said he decided to go public when Sun declined to issue a prompt fix.
Ormandy explains:
Sun has been informed about this vulnerability, however, they informed me they do not consider this vulnerability to be of high enough priority to break their quarterly patch cycle.
http://blogs.zdnet.com/security/?p=6082&tag=col1;post-6161
Subscribe to:
Post Comments (Atom)
0 comments:
Post a Comment