[Mageia-dev] Actively exploited Java 7 zero day

Claire Robinson eeeemail at gmail.com
Fri Jan 11 19:59:26 CET 2013


On 11/01/13 18:52, David Walser wrote:
> If you're using Cauldron as a workstation and have the Java plugin (icedtea-web
> or Sun Java) enabled in your browser, be aware there's a zero-day vulnerability
> being actively exploited, and you should disable the plugin for general usage
> until we have a fix.
> 
> If you're using icedtea-web on Mageia 2 you're not affected, as that uses Java 6
> which is not known to be vulnerable.
> 
> http://arstechnica.com/security/2013/01/critical-java-zero-day-bug-is-being-massively-exploited-in-the-wild/
> http://www.h-online.com/security/news/item/Dangerous-vulnerability-in-latest-Java-version-1781156.html
> 

That's maybe worth a blog post, especially the Mga2 is not vulnerable
bit. People will be looking for updates when they are not needed.

Claire


More information about the Mageia-dev mailing list