Late last week, Oracle was distributing a patch for Java
software flaws deemed so dangerous the US Department of
Homeland Security said people should stop using it.
''Oracle recommends that this Security Alert be applied as
soon as possible because these issues may be exploited `in
the wild' and some exploits are available in various hacking
tools,'' Oracle's Eric Maurice said in a blog post.
The patch was crafted to fix two holes that hackers could
slip through in Java 7 software used by web browsers to
interact with websites.
''To be successfully exploited, an attacker needs to trick an
unsuspecting user into browsing a malicious website,'' Mr
''The execution of the malicious applet within the browser of
the unsuspecting users then allows the attacker to execute
arbitrary code in the vulnerable system.''
Essentially, hackers could take advantage of the
vulnerability to infect and take control of computers by
getting them to visit a booby-trapped website.
Oracle raised Java security settings so that mini-programs
referred to as ''applets'' would need to get permission from
website visitors before being able to run on people's
computers, according to Mr Maurice.
Despite the patch, computer specialists at the Department of
Homeland Security advised people to avoid using the software
''unless it is absolutely necessary'', even after updating.
Java is distributed by business software powerhouse Oracle
and is popular because it lets developers create websites in
code that can be accessed regardless of a computer's
Mackline urges readers to follow the latest advice and
uninstall until clearance is given.
The sex and dating category dominated global spam traffic,
making up a whopping 82.6% of all spam traffic in December,
according to the latest Symantec Intelligence Report. This
category often takes the top spot, beating out pharmaceutical
spam, but the margin rarely is this large. Scammers seemed to
think we were a lonely bunch over the holidays.
The banking industry was once again the most targeted
industry for phishing, collecting 65% of all attacks for the
month. Finally, more than 80% of all adware in December was
flagged by generic detections. For December, the US was the
largest source of spam at 12.7%, phishing scams at 24.2%, and
virus attachments at 40.9% globally. It was not unusual for
the US to top one or two of those three categories, though
claiming the triple crown of risk-based distribution was less