The Department of Homeland (DHS) warned Americans about a dangerous flaw in ’s latest version, and advised users to disable to prevent exploitation. When the zero-day flaw was discovered by the DHS’ Computer Emergency Readiness Team (CERT), there were already publicly available exploit kits taken advantage of the hole. The stems from a permissions loophole in Java 7 that allows an external user to elevate privileges of an untrusted Java applet to install malware, issue a denial of service attack, or manipulate the affected machine. The DHS’ response to learning of the potential threat was to issue a warning with instructions to disable Java content in web browsers, a rare suggestion from an organization that sees plenty of broken code. Fixing Java In the report issued by the DHS’ CERT, the team said, “We are currently unaware of a practical solution to this .” In response, has blocked the Java 7 OS X plugin. and have yet to formally respond. Oracle told Reuters that “a fix will be available shortly” and did not elaborate. It’s rumored that Oracle knew about the potential security risk in Java 7′s code as early as October 2012.

8540e42bf5470 75.jpg 450x252 U.S. government advises users to disable Java

Read this article:
U.S. government advises users to disable Java