Oracle has poured cold coffee on a recent Java zero-day that’s already under active attack, with just one of the critical patches it’s released to address 193 holes in its sprawling product suite.
The zero day is the most urgent fix of the lot and of the two dozen other Java patches present among Big Red’s quarterly patch release.
Trend Micro researchers Brooks Li and Feike Hacquebord reported the flaw 13 July noting it is being attacked as part of the sophisticated ‘Operation PawnStorm’ hacking campaign.
Oracle software security assurance director Eric Maurice says the critical patch updates address 13 products.
View full story