Oracle has done a good job by issuing urgent update to close the critical security flaw in the java that was already being widely exploited by the cyber criminals.
This Security update addresses security issues CVE-2012-4681 and two other vulnerabilities affecting Java running in web browsers on desktops. These vulnerabilities are not applicable to Java running on servers or standalone Java desktop applications.
The patch’s release comes months ahead of Oracle’s next planned patch in its cycle, which would have been in October. But perhaps responding to the security community’s warnings that users should disable Java to protect themselves, Oracle has taken the rare step of releasing its fix early.
The update brings Java 7 to Update 7, and appears to fix the flaw being exploited and several other security holes. Oracle also released a security update for systems running Java 6, which brings that version to Java 6 Update 35.
“Due to the severity of these vulnerabilities, the public disclosure of technical details and the reported exploitation of CVE-2012-4681 “in the wild,” Oracle strongly recommends that customers apply the updates provided by this Security Alert as soon as possible .” oracle said in the security advisory.
