Friday, August 31, 2012

Oracle says they have patched that four-month-old hole in Java

[Added] Be sure to read the follow-up to this post -- the patch is itself buggy.

This is a follow-up from yesterday.

Dan Goodin from Ars Technica reports that "Oracle has updated its widely used Java software framework to fix critical vulnerabilities that criminals were actively exploiting to take full control of end-user computers." His subhead says it all:

Install it immediately, or better yet, completely uninstall Java altogether.

You already know my feelings on the matter.

Uninstall instructions for Windows here. If you must have Java on your machine, get the latest version here. (Uninstall any old versions first, for extra safety.) You can check which version you have installed here. If you're checking the version number after installing the latest version, be sure to restart your browser first.

No comments: