Oracle provides critical patch for Java 7

Oracle has released a security update fixing critical vulnerabilities used by hackers to embezzle thousands of computers these days. The increasing number of attacks were yesterday, reported by all security firms, the new reassured.

Although the situation was critical, no specialist was able to tell if Oracle would issue a security update before the month of October. Patch with his out-of-band 1.7.0_07-b10 is now done. According to Rapid7, the security firm in charge of Metasploit, the update should make it possible to counter all attacks exploiting vulnerabilities implicated. Gowdiak Adam, founder and CEO of Security Explorations, which was reported at the beginning of April vulnerabilities in Oracle, said yesterday that the update made ​​it impossible Java exploits being used by hackers. "No more codes we sent to Oracle in April 2012 can not be used," said Gowdiak in an email response to questions. Information confirmed by Tod Beardsley, director of engineering for Metasploit. "It seems that this patch vulnerabilities exploited effectively blocks" it announced.

The rate of reaction Oracle welcomed by security firms

The two men, but also many personalities from the world of security also commented on the unusual nature of the urgent update delivered by Oracle. "If we assume that they have heard of vulnerabilities at the same time as the general public, the development of a patch in four days was lightning fast," said T.Beardsley. "And if the rumor stating that they had information from several months is true, it is still an achievement for the ... They usually take six months or more," he continued. Andrew Storms, director of security operations for nCircle, also praised the speed of Oracle. "Give them a little credit for this quick update. They should not forget the patch comes just a week after the information was made public," he said. Adam Gowdiak is also expressed satisfaction that the company did not wait for the update in October. "We hope that the updates out-of-band become more frequent and will be distributed whenever a need arises to protect users of Oracle software," he said.

Until now, Oracle has refused to comment on the situation. Users can obtain for their updating emergency on Oracle website.