Oracle’s Fix for the Zero-Day Java Flaw to be Available “Shortly”
Oracle recently issued a statement in response to the discovery of a Java 7 flaw that prompted Apple to disable the software in OS X. In the statement, Oracle said that they are currently working on a fix and will release the patch soon. There was no specific timeline as to when the fix will be pushed out other than Oracle vaguely saying “a fix will be available shortly.”
For those of you who don’t already know, the U.S. Department of Homeland Security said that Java’s most-recent vulnerability
is being “attacked in the wild, and is reported to be incorporated into exploit kits.” For its part, Oracle noted in its statement that the flaw only affects the most up-to-date version of Java 7 and Java software designed to run in Internet browsers.
Both Apple and Java have had a rough relationship over the past few years, including a move to drop the Java runtime from OS X 10.7 Lion’s default installation when the OS debuted in 2010. Another flaw in Oracle’s internet plugin was responsible for the most widespread malware ever when the “Flashback” Trojan reportedly affected roughly 600,000 OS X machines in April 2012. Apple’s continued efforts to wean away from Java in OS X led to the company’s final official in-house Java update issued in May 2012, at which point all responsibility for future updates was handed over to Oracle.
We’ll have to wait and see how long it takes Oracle to update the current Java issue.