Oracle has updated its February Critical Update to include five new fixes for Java that didn’t quite make the earlier cut. The update is critical and should be deployed as soon as possible.
Four of the fixes concern client deployment of Java, and can be exploited through Java Web Start applications on desktops and Java applets in internet browsers. The fifth concerns the Java Secure Socket Extension (JSSE) vulnerability commonly known as ‘Lucky Thirteen’. “Due to the severity of the vulnerabilities fixed in this Critical Patch Update,” says Oracle, “Oracle recommends that these fixes be applied as soon as possible.”
Read more:
http://www.infosecurity-magazine.com/view/30846/5-more-critical-fixes-for-java-released-by-oracle/
