Oracle
Yet another unpatched security hole found in Java
Just last week you were congratulating yourself for patching your computer against a Java security hole.
Now another zero-day unpatched vulnerability has been found in Oracle's widely used software.
Oracle and Apple ship critical Java updates - get yours today!
The security-beleaguered Java ecosystem usually gets updates just once every four months, in February, June and October.
But this year, Oracle has adapted that schedule a number of times, and this is one of them...
Oracle ships out-of-band Java fix, Apple follows suit
Oracle recently published an emergency update for Java, and Apple quickly followed suit for the version of Java it still officially supports.
Paul Ducklin tries to guess where Oracle's Java patch cycle will end up...
Researchers claim to have found more zero-day vulnerabilities in Java
A security research team that has alerted Oracle to a series of security flaws in Java in the past, says that it has uncovered new zero-day vulnerabilities in the software.
Apple patches the Java hole its own developers fell into - eventually
Shortly after admitting that its own techies got infected thanks to a Java hole, Apple has pushed out a Java update for the rest of us.
Apple, with this most recent update, seems to have washed its hands permanently of browser-based Java. Paul Ducklin explains...
Monday review - the hot 21 stories of the week
Get yourself up to date with everything we've written in the last seven days - it's weekly roundup time.
Oracle on Java - we *will* have Patch Tuesday on 19 Feb 2013 after all
Oracle brought forward its February Patch Tuesday to provide an accelerated fix for some in-the-wild exploits.
But that meant leaving other less vital stuff out, so the pre-empted Patch Tuesday will happen after all, on 19 Feb 2013. Be there!
Adobe patches Flash - heads off in-the-wild attacks against Windows and Apple users
It's not Tuesday...
Nevertheless, Adobe's Flash Player has been upgraded to patch against two in-the-wild exploits against Windows and Apple users.
Another Java update! Oracle brings Patch Tuesday forward to close in-the-wild hole...
"Yet another Java update! Get it while it's hot."
This update was planned for 19 Feb 2013.
But Oracle brought it forward, citing the "active exploitation 'in the wild' of one of the vulnerabilities affecting...desktop browsers".
Apple (again) washes its hands of the Java mess
Apple's thrown in the towel on the Java mess and has, for the second time in two weeks, blocked all versions of Java on OS X 10.6 (Snow Leopard) and later.
Monday review - the hot 24 stories of the week
It's weekly roundup time.
Here's everything we've written in the past seven days.
Oracle, please stop sneakily foisting third-party toolbars on us with your Java updates
If you're installing a critical security update on your computer, caused by the software vendor's sloppy code quality, you probably wouldn't dream that your software vendor is trying to make some money out of the inconvenience.
PWN2OWN - hack the Big Four browsers in public and go home with half a million dollars
Only six weeks to go until PWN2OWN 2013, where you can hack the Big Four browsers and the Big Three plugins, and win over half a million dollars.
But is it just about the money?
Paul Ducklin investigates...
Monday review - the hot 31 stories of the week
Here you go.
All the stories we wrote in the past seven days, in case you missed anything (or just want to read them again).
Java hacker boasts of finding two more unpatched holes
Serial Java fault-finder Adam Gowdiak has embarrassed Oracle yet again.
The Polish researcher is publicly bragging about two brand-new vulnerabilities he's found even since Oracle's most recent patch just a week ago.
Yet ANOTHER Java zero-day claimed - but this time you're laughing, right?
Irrepressible cybercrime investigator and reporter Brian Krebs has written about yet another Java zero-day exploit.
This one, it seems, targets an exploitable vulnerability even in Oracle's most recent release, Version 7 Update 11, aka 7u11.
Java is not JavaScript - tell your friends!
Some people are worried that turning off Java also turns off JavaScript.
Despite their names, Java and JavaScript are completely different, and turning off Java will not turn off JavaScript.
Oracle releases patch for latest Java hole - update now!
Oracle has been on the ball and has already come out with a patch for the latest Java security hole.
Java 7 Update 11 fixes both CVE-2013-0422 and a second vulnerability. Find out more...
Apple and Mozilla - 'Just say no to Java'
After the recent discovery of a zero-day vulnerability in Oracle's Java Web Start plugin Apple and Mozilla are now disabling Java by default until fixes are made available.
Java 7 update 10 introduces important new security controls
Last week Oracle released Java 7 update 10 to the world without fixing a single vulnerability. That doesn't mean there aren't serious security improvements though. New settings could make Java users much safer from here forward.
![Have your say - LulzSec: helpful, harmless or hideous? [VOTE NOW]](http://sophosnews.files.wordpress.com/2013/05/lulzsec-poll-thumb.jpg?w=75&h=75&crop=1)
![Password security infomerical leaves Ellen DeGeneres in disbelief.. and it will you too [VIDEO]](http://sophosnews.files.wordpress.com/2013/04/ellen-thumb.jpg?w=75&h=75&crop=1)
![Can multiple moving cursors really hide your password from spyware and peepers? [VIDEO]](http://sophosnews.files.wordpress.com/2013/03/cursors-thumb.jpg?w=75&h=75&crop=1)
![Hacked TV channels broadcast zombie apocalypse emergency alert [VIDEO]](http://sophosnews.files.wordpress.com/2013/02/zombie-thumb.jpg?w=75&h=75&crop=1)
