To boot, reports are circulating that out in the world, a fake patch is actually ANOTHER infection. Good grief.
So the sordid saga of Java stewardship under Harry Ellison’s Oracle slithers on…meanwhile, cable TV is rolling out a new reality program – “PC Java Wars” Rescue will NOT arrive on the giant Catamaran zig-zagging back and forth offshore.
Researchers (in a Threatpost report) say not only is the patch weak, ineffective, and an embarrassment but they went ahead and doubled down.
They have dug up another one while scanning the first.
Russ Imrie 2013
- Beware of fake Java update patch – it contains malware (dottech.org)
- Hackers Tout Fake Java Patch As Fresh Exploit Sells For Thousands (techweekeurope.co.uk)
- Malware masquerades as patch for Java (networkworld.com)
- Latest Java Update Broken; Two New Sandbox Bypass Flaws Found (developers.slashdot.org)
- Malware impersonates Java patch (pcworld.com)
- Oracle’s Java Fix Fizzles (technewsworld.com)
- Oracle’s Latest Java Fix Is Still Broken, Better Learn to Live Without (gizmodo.com)
- Malware Masquerades As Patch for Java (cio.com)
- Apple gives Java more attention after security snafu (reviews.cnet.com)
- My first article on the earlier Java security – even at the level of a Homeland Security alert! But that was a week ago.
Copyright © forever and 2012, 2013 by Russell Imrie