Oracle released a new update for the Java Runtime Environment yesterday. The update fixes two vulnerabilities that allowed a specially crafted Java Web Applet to execute code outside of the sandbox Java normally imposes on potentially dangerous Java Applets. The update was a quick response to a zero-day exploit discovered in the wild by an independent research who goes by the pseudonym Kafeine. News quickly spread and was verified by others. The exploit has already made its way into many of the more widely used exploit kits, greatly increasing the probability of infection when viewing a malicious site.
If you have Java installed, we urge you to update to version 7u11. If your computer has been in the shop recently and was picked up anytime after today (01/14/13), your Java was updated in-store as part of our services. If your computer hasn’t been in the shop recently, or if you’re not sure which version of Java you have installed, you can check and update from the Java site here. If you still aren’t sure, or would just prefer a trained technician to do it, don’t hesitate to give us a call or stop on by!