Oracle releases patch to address security Vulnerability in Java 7

Earlier this week Oracle reported on a newly-vulnerability in Java SE 7 that could risk many users on a variety of platforms, including OS X. The real-world threat to Mac users was very low, because only a small amount of users manually installed Java SE 7, this is incident is another reminder that Mac users can be vulnerable to malicious attacks.

Oracle reportedly warned of the issue months ago but did not take an significant action to protect users until it became public. Now, Oracle has moved quickly to address the problem with an announcement regarding the release of Java SE 7 Update 7. The company has also released Java SE 6 Update 35 to address a separate issue with the earlier version.

If successfully exploited, these vulnerabilities can provide a malicious attacker the ability to plant discretionary binaries onto the compromised system, e.g. the vulnerabilities can be exploited to install malware, including Trojans, onto the targeted system. Note that this malware may in some instances be detected by current antivirus signatures upon its installation.

The update versions of Java available through Oracle's Java download page.