Last week a critical security vulnerability was discovered within Oracle’s popular Java 7 Runtime Environment (JRE), affecting Java 7 Update 10 in addition to all earlier versions of Java 7, which due to widespread use has the potential to place over 850 million PCs at risk. The critical severity of this vulnerability has caught the attention of security experts worldwide, in addition to the United States Department of Homeland Security, which has already started advising PC owners to immediately disable and stop using the software until a patch can be released to fix the vulnerability.
Widely publicized last week, this vulnerability is the latest in a series of problems for Oracle’s Java software and places users at grave risk if the software remains enabled and unpatched, as unauthenticated attackers may be able to exploit the vulnerability to execute arbitrary commands and gain complete access to any vulnerable PC any any information contained within. Fortunately, Oracle has today released software update, Java 7 Update 11, which addresses this vulnerability.
We strongly encourage all affected users to immediately apply this software update and also recommend users either uninstall or disable the software if it isn’t being actively used or needed to avoid any possible vulnerabilities down the road.