 |
| Click to Zoom |
As we all know that Java is Vulnerable and it has a Zero-Day Vulnerability and now a great news is coming from Oracle that they have released a patch for this security issues they really love their customers.
- CVE-2012-4681 (US-CERT Alert TA12-240A and Vulnerability Note VU#636312)
- Two other vulnerabilities affecting Java running in web browsers on desktops
These vulnerabilities may be remotely exploitable without authentication, i.e., they may be exploited over a network without the need for a username and password. To be successfully exploited, an unsuspecting user running an affected release in a browser will need to visit a malicious web page that leverages this vulnerability. Successful exploits can impact the availability, integrity, and confidentiality of the user’s system.
In addition, this Security Alert includes a security-in-depth fix in the AWT subcomponent of the Java Runtime Environment.
