Oracle Working on Critical Java Patch For Release Soon

Consider this a PSA: Oracle is going to patch that hole in Java, the one that security pros discovered last week. Cybercriminals were using a zero-day exploit in Oracle’s Java to deliver malware payloads, steal identities, and take over computers to force them to commit nefarious acts.

According to Reuters, Oracle said that “A fix will be available shortly”, which of course begs the question of what “shortly” means, exactly. In an hour? A week? A month?


In any case, the exploit apparently only affects Java 7, so users with older versions of the software can breathe a sigh of relief. However, everyone should note well that this is the second major security flaw in Java that researchers have uncovered in the last few months; back in September, Security Explorations found a hole that affected potentially billions of PCs worldwide using Java 5, 6, and 7.