CERT Releases Oracle Java 7 Security Advisory

2013-01-14T00:00:00
ID CISA:C49EAF51D624B3501A643FD4584E00C1
Type cisa
Reporter CISA
Modified 2013-02-22T00:00:00

Description

CERT released Vulnerability Note VU#625617 to address a vulnerability in Oracle Java Runtime Environment (JRE) 7 and earlier that is currently being exploited in the wild. This vulnerability may allow an attacker to execute arbitrary code on vulnerable systems.

US-CERT encourages users and administrators to review CERT Vulnerability Note VU#625617 and US-CERT Alert TA13-010A. Due to the number and severity of this and prior Java vulnerabilities, it is recommended that Java be disabled temporarily in web browsers as described in the "Solution" section of the US-CERT Alert and in the Oracle Technical Note "Setting the Security Level of the Java Client."

This product is provided subject to this Notification and this Privacy & Use policy.

Please share your thoughts.

We recently updated our anonymous product survey; we'd welcome your feedback.