February 4, 2013
Oracle (NASDAQ: ORCL ) stepped up the release of a Java patch given vulnerabilities that had caught the attention of even the Department of Homeland Security.
The most recent patch for Java has 50 fixes to address security concerns, and was initially scheduled for release on Feb. 19. However, Oracle decided to push forward the release of the patch after confirming continued, active exploitation of the application's vulnerabilities in the Java Runtime Environment (JRE).
The announcement of the release came in a blog post dated Feb. 1 from Oracle's director of software security assurance, Eric Maurice. Oracle's Java plug-in has come under fire recently after the Department of Homeland Security announced in a statement on Jan. 10 that PC and Mac systems using Java versions 7 through 10 were susceptible to computer hackers.
To help mitigate similar security threats in the future, Maurice said the updated Java plug-ins will be switched to the highest security settings by default. As a result, users will be prompted, and given the opportunity to deny, running Java applets when visiting suspicious websites.