[ISN] 'Silent but deadly' Java security update breaks legacy apps - dev

From: InfoSec News <alerts_at_private>
Date: Fri, 1 Feb 2013 05:01:51 -0600 (CST)
http://www.theregister.co.uk/2013/01/31/java_security_update/

By John Leyden
The Register
31st January 2013

An application developer reports that the latest Java 7 update "silently" 
deletes Java 6, breaking applications in the process.

Java 7 update 11 was released two weeks ago to deal with an unpatched 
vulnerability which had gone mainstream with its incorporation into cybercrook 
toolkits such as the Blackhole Exploit Kit in the days beforehand. Attacks were 
restricted to systems running Java browser add-ons.

But Oracle's response appears to have caused some collateral damage.

JNBridge, which provides Java and .NET interoperability tools, reports that 
customers of software providers who use its technology came a cropper in cases 
where users had applied the latest Java update (Java 7u11). The software 
developer blogged about the issue here.

[...]


______________________________________________
Visit the InfoSec News Security Bookstore
Best Selling Security Books and More!
http://www.shopinfosecnews.org 
Received on Fri Feb 01 2013 - 03:01:51 PST

This archive was generated by hypermail 2.2.0 : Fri Feb 01 2013 - 03:04:45 PST