New Java Security Alert

A new exploit that could have interesting results have been outed on Twitter (by @jduck1337 ) and confirmed by various experts all over the Internet. The vulnerability is in the Java Runtime Environment (Java 7 ver 1,7) which could allow Java programs to be executed through Web Browsers (or as a standalone application)

An exploit for the bug has been released and the default exploit does work against all web browsers except Google Chrome but other groups, notably Rapid7, as is usual for them on released and known bugs, already released working exploits that also works on Google Chrome.

Disable Java in your web browser (If you have Firefox -> Tools -> Add-ons and disable all things Java ) – If you have Internet Explorer – visit

If you cannot work without Java enabled use a double browser approach and wait for Oracle to issue an update…