Polish researcher Adam Gowdiak claims that he has discovered another critical flaw in Oracles Java. The new claim was published on the Full Disclosure mailing list. Gowdiak writes that the mew flaw impacts “all latest versions of Oracle Java SE software” and it allows “a complete Java security sandbox bypass in the environment of Java SE 5, 6 and 7.” This could be potentially worse than the last Java Vulnerability which lead to infections of malware on thousands of PC’s worldwide.
Gowdiak also claims “the bug allows to violate a fundamental security constraint of a Java Virtual Machine. The post also says he discovered the problem “exclusively” for Oracle’s imminent JavaOne conference, commencing September 30th.
Gowdiak also taunts Larry Ellison, writing that he hopes news of the new flaw does not spoil his morning coffee!
Protect your company against hacker attention with Tiro Security, a leading provider of IT Security jobs located in the heart of Silicon Beach in West Los Angeles, CA.