ZDNet

Bug leaves Windows open to Java attack

Microsoft has warned of three new flaws affecting its software, the most serious of which would allow an attacker to gain full control of a user's PC using a Java applet. The three warnings, all ...
Computerworld

New bug makes moot Java’s latest anti-exploit defenses, claims researcher

Java’s new security settings, designed to block “drive-by” browser attacks, can be bypassed by hackers, a researcher announced Sunday. The news came in the aftermath of several embarrassing “zero-day” ...
Threat Post

Java Code Repository Riddled with Hidden Log4j Bugs; Here’s Where to Look

There are 17,000 unpatched Log4j packages in the Maven Central ecosystem, leaving massive supply-chain risk on the table from Log4Shell exploits. There’s an enormous amount of software vulnerable to ...
Dark Reading

Java Security Work Remains, Bug Hunter Says

The current version of Java 7 includes a bug that can be used to bypass all security defenses in the Java browser plug-in, allowing an attacker to execute arbitrary code using the Java runtime ...
Macworld

Oracle warns: Java users should hold off on updating to macOS Sonoma 14.4

Apple released macOS 14.4 nearly two weeks ago, but if you haven’t yet installed it, you might want to hold off. Oracle recently posted on its Java blog that Java processes on Macs running macOS ...
eWeek

Critical Java Bug Targets Java Virtual Machine

A highly critical vulnerability in Sun Microsystems Inc.s Java plug-in has been discovered by a Finnish security consultant. The vulnerability could potentially allow a Web page to turn off Javas ...