Java 7 Exploitable vulnerability
Java 7 Exploitable vulnerabilityReuters

American technology company Oracle Corp released an update to fix the flawed Java software which made PCs vulnerable to data theft from hackers.

The company's software update "Java Platform (JDK) 7u11" is now available at the company's website. Users can click here to download the latest update.

Oracle Corp in its advisory said, "The default security level for Java applets and web start applications has been increased from 'Medium' to 'High'."

The company further said, "This affects the conditions under which unsigned (sandboxed) Java web applications can run. Previously, as long as you had the latest secure Java release installed applets and web start applications would continue to run as always. With the "High" setting the user is always warned before any unsigned application is run to prevent silent exploitation."

Java software maker Oracle Corp has to be credited for the quick release of the update addressing the security flaw in its software. The company took less than four days to roll out the fix. The anomaly in the Java software was first reported on last Thursday.

However, Adam Gowdiak, a researcher associated with Poland's Security Explorations, reportedly said that the new update does not completely fix several other security flaws in the Java software.

Gowdiak said, "We don't dare to tell users that it's safe to enable Java again," reported Reuters.

An operational hand of United States Department of Homeland Security, US-CERT (United States-Computer Emergency Readiness Team) had issued an advisory that "Java 7 Update 10" and older versions made PCs vulnerable to attacks from remote hackers.

Hackers equipped with modern "exploit kits" can easily hoodwink an unsuspecting user to visit a specially crafted HTML document, and a remote attacker can execute an arbitrary code on a vulnerable system.

US security agency warned users to un-install java software and plug-ins running on the internet browsers to avoid attacks from cyber criminals.

Java, a cross-platform software is installed on hundreds of millions of PCs around the world; programmers use Java to write software using just one set of code that will run on virtually any type of computer.

Java is used so that Web developers can make sites accessible from browsers running on Microsoft Corp Windows PCs or Macs from Apple Inc.

Computer users access those programs through modules, or plug-ins that run Java software on top of browsers such as Internet Explorer and Firefox.

Lately, the Java software has been under lot of scrutiny by security experts ever since a similar security scare, which was raised in August. Apple had also initiated to remove older versions of the Java software and plug-ins through their Mac OS anti-malware system.

(With inputs from Reuters)