US-CERT Releases Oracle Java JRE 1.7 Security Advisory
Posted: Fri Aug 31, 2012 2:39 pmUS-CERT Releases Oracle Java JRE 1.7 Security Advisory
Original release date: Tuesday, August 28, 2012 at 4:25 pm
Last revised: Tuesday, August 28, 2012 at 4:25 pm
US-CERT has released Vulnerability Note VU#636312 to address a
vulnerability in Oracle Java Runtime Environment (JRE) 1.7. This
vulnerability may allow an attacker to execute arbitrary code on a
vulnerable system.
US-CERT encourages users and administrators to review Vulnerability Note
VU#636312. This advisory includes possible workarounds that help
mitigate the risk against known attack vectors by disabling the Java
plug-in.
Update: Oracle has released an out-of-band patch to address this
vulnerability. US-CERT encourages users and administrators to review the
Oracle Security Alert for CVE-2012-4681 and apply any necessary updates
to help mitigate the risk.
Relevant URL(s):
<http://www.oracle.com/technetwork/topics/security/alert-cve-2012-4681-1835715.html>
<http://www.kb.cert.org/vuls/id/636312>
Original release date: Tuesday, August 28, 2012 at 4:25 pm
Last revised: Tuesday, August 28, 2012 at 4:25 pm
US-CERT has released Vulnerability Note VU#636312 to address a
vulnerability in Oracle Java Runtime Environment (JRE) 1.7. This
vulnerability may allow an attacker to execute arbitrary code on a
vulnerable system.
US-CERT encourages users and administrators to review Vulnerability Note
VU#636312. This advisory includes possible workarounds that help
mitigate the risk against known attack vectors by disabling the Java
plug-in.
Update: Oracle has released an out-of-band patch to address this
vulnerability. US-CERT encourages users and administrators to review the
Oracle Security Alert for CVE-2012-4681 and apply any necessary updates
to help mitigate the risk.
Relevant URL(s):
<http://www.oracle.com/technetwork/topics/security/alert-cve-2012-4681-1835715.html>
<http://www.kb.cert.org/vuls/id/636312>