Serious loophole in Java

Late last week, Oracle was distributing a patch for Java software flaws deemed so dangerous that the US Department of Homeland Security said people should stop using the software.

"Oracle recommends that this Security Alert be applied as soon as possible because these issues may be exploited 'in the wild' and some exploits are available in various hacking tools," Oracle's Eric Maurice said in a blog post.

The patch was crafted to fix two holes that hackers could slip through in Java 7 software used by web browsers to interact with websites.

"To be successfully exploited, an attacker needs to trick an unsuspecting user into browsing a malicious website," Mr Maurice said.

"The execution of the malicious applet within the browser of the unsuspecting users then allows the attacker to execute arbitrary code in the vulnerable system."

Essentially, hackers could take advantage of the vulnerability to infect and take control of computers by getting them to visit a booby-trapped website.

Oracle raised Java security settings so that mini-programs referred to as "applets" would need to get permission from website visitors before being able to run on people's computers, according to Mr Maurice.

Despite the patch, computer specialists at the Department of Homeland Security advised people to avoid using the software "unless it is absolutely necessary", even after updating.

Java is distributed by business software powerhouse Oracle and is popular because it lets developers create websites in code that can be accessed regardless of a computer's operating system.

Mackline urges readers to follow the latest advice and uninstall Java until clearance is given.

The sex and dating category dominated global spam traffic, making up a whopping 82.6% of all spam traffic in December, according to the latest Symantec Intelligence Report. This category often takes the top spot, beating out pharmaceutical spam, but the margin rarely is this large. Scammers seemed to think we were a lonely bunch over the holidays.

The banking industry was once again the most targeted industry for phishing, collecting 65% of all attacks for the month. Finally, more than 80% of all adware in December was flagged by generic detections. For December, the US was the largest source of spam at 12.7%, phishing scams at 24.2%, and virus attachments at 40.9% globally. It was not unusual for the US to top one or two of those three categories, though claiming the triple crown of risk-based distribution was less common.