"(…) security researchers at the Polish firm Security Explorations revealed another critical security flaw in Java that affects users of every browser that runs the plugin, including Chrome, Firefox, Safari and Internet Explorer, allowing a malicious hacker to gain complete control of a victim's machine through a rigged website."
Read now in Forbes
"A new zero-day exploit in multiple versions of Java puts roughly 1 billion users at risk to attackers and malicious code. The flaw was discovered by researchers at Poland's Security Explorations, a security firm that already has a known penchant for unearthing flaws in Java's notoriously buggy programming language."
Read now in NBC News
"Serious vulnerabilities exist in Google App Engine (GAE), a cloud service for developing and hosting Web applications, a team of security researchers has found. The vulnerabilities could allow an attacker to escape from the Java Virtual Machine security sandbox and execute code on the underlying system, according to researchers from Security Explorations, a Polish security firm that found many vulnerabilities in Java over the past few years."
Read now in PC World
"Security Explorations earlier this month also notified IBM of 17 Java-related security issues in its products, 10 of which "successfully demonstrate a complete IBM J9 Java VM security sandbox bypass," said Gowdiak. The security issues are present in the IBM software development kit (SDK), which is a Java Standard Edition implementation from IBM that's available for a number of platforms (…)"
Read now in Dark Reading
"Reuters reports that Adam Gowdiak, Java security expert at Security Explorations, says Oracle's update leaves "several critical security flaws" unfixed. "We don't dare to tell users that it's safe to enable Java again," Gowdiak told Reuters."
Read now in CBC News
"Oracle issued an emergency fix today for vulnerabilities in its Java software about four months after Security Explorations, a security firm, warned the company about the bugs. The delay in providing a fix allowed more than 100,000 computers to get hacked, security firm FireEye estimated. So why did it take this long to provide a patch?"
Read now in Bloomberg