Ingenious Bypass for Ingenous Bypass
Don't have Java installed.
Oracle has crushed a critical click-to-play vulnerability attackers used in the NATO-busting hacking operation known as Pawn Storm, Trend Micro threat analyst Jack Tang says. The patch is part of a run of 154 fixes from Big Red including 25 for the ravaged Java runtime. The fix will either irk or amuse the sophisticated …
Uh, am I supposed to understand that it isn't ? Funny that, when you run the installer it says that it is being used on billions of PCs - and now it's even on phones.
Java use may be decreasing, but I do believe it's usage can still be qualified as "widespread".
"Oracle has crushed a critical click-to-play vulnerability attackers used in the NATO-busting hacking operation known as Pawn Storm, Trend Micro threat analyst Jack Tang says."
And yet in another article covering the Java patches we read:
"The good news is that Oracle says none of the vulnerabilities in its mammoth bug-splat had been exploited as of 19 October."
This phenomenon isn't limited to Oracle either, Microsoft has also reassured us that vulns haven't been exploited in the wild when in fact they very definitely have been. Either these folks are totally ignorant about what's going on outside their ivory tower or they are treating their customers & users with contempt, neither is good or excusable.