Java 7 Update 7 Released

After several days of nothing from Oracle a new update has just been quietly posted to Java.com and Oracle’s Java page. Update 7 doesn’t include anything significant at quick glance according to the release notes however there’s been reports that the recent Java Metasploit modules don’t work anymore. Here’s a link to one of the release notes. For those that want a quick peak … see the image below. And if you look real closely waaaayyyy down at the bottom of the image you’ll see “This release contains fixes for security vulnerabilities. For more information, see Oracle Security Alert for CVE-2012-4681.”

According to this CVE in the NVD it was last updated on 8/29/2012 and the description reads, “Oracle Java 7 Update 6, and possibly other versions, allows remote attackers to execute arbitrary code via a crafted applet, as exploited in the wild in August 2012 using Gondzz.class and Gondvv.class.” Well there ya go…

#####

What do you think about Oracle being so quiet for the past few days and then just randomly releasing a patch? Let us know in the comments below. Today’s post pic is from Oracle.com. See ya!

9 comments for “Java 7 Update 7 Released

  1. August 30, 2012 at 2:07 pm

    New Java version released… Time to download and update… http://t.co/qb6EjyO7

  2. August 30, 2012 at 2:12 pm

    US CERT lists Java 1.7 update 7 as the fix for that vulnerability
    http://www.kb.cert.org/vuls/id/636312

    I too was looking for the release notes to be a bit more informative (was wondering about my reading skills) or for an Oracle security bulletin. They’re problably writing up the bulleting (and placing it behind a oracle logon).

  3. August 30, 2012 at 2:38 pm

    Roger: Yeah if you look real close down at the bottom of the release notes they make reference to CVE-2012-4681. I looked that up and of course it mentions it. I added it’s description text for reference above.

  4. August 30, 2012 at 2:51 pm

    #Infosec RT @grecs: New Java version released… Time to download and update… http://t.co/0wCHupQi

  5. August 30, 2012 at 3:10 pm

    #NoVABloggers Java 7 Update 7 Released http://t.co/NU0RWQxE

  6. August 30, 2012 at 4:04 pm

    Java 7 Update 7 Released http://t.co/qMKr0jXb

  7. August 30, 2012 at 4:32 pm

    Java 7 Update 7 Released | http://t.co/QRcVI5QIhttp://t.co/kr3besgW #infosec #vulnerability #java

  8. August 31, 2012 at 9:09 am

    BLOGGED: Java 7 Update 7 Released http://t.co/aCjsTsPD //In case U missed yesterday. Time to patch! (or just uninstall)

  9. August 31, 2012 at 9:09 am

    BLOGGED: Java 7 Update 7 Released http://t.co/qb6EjyO7 //In case U missed yesterday. Time to patch! (or just uninstall)

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.