How are you going to address the JRE 7 exploit?
Are you confused on the course of action you should take with regard to the latest JRE exploit? Check out this post by head geek Lawrence Garvin, WSUS MVP, for guidance on uninstalling, disabling or patching the latest Oracle Java update. Patching Java is a big pain whether you are using WSUS or a SCCM patch management solution. SolarWinds has a great tool for quickly patching Java and due to the threat for this vulnerability, SolarWinds has now made available the Java update in its free evaluation, so everyone can patch this update quickly.
It’s been yet another busy 72 hours in the land of Java, although, by now, a lot of people have become quite accustomed to this rat race. The latest issue was reported Friday, by a number of sources, that an active exploit of an issue in the Java Runtime Environment (JRE) v7 update 10 was identified. Unlike past times, though, Oracle responded quite rapidly, and on Sunday released an update: JRE7v11 – which, unfortunately, doesn’t fix all of the identified vulnerabilities, but does fix the one being exploited. That update was published to the SolarWinds Patch Manager catalog yesterday.
However, be aware that the same vulnerability also exists in the Java Runtime Environment v6, and Oracle has not released a patch for that vulnerability, so don’t be surprised if an active exploit for JRE6 shows up in the next day or so.
In the meantime though, here’s an Action Plan for dealing with Java…
To learn more and to read the entire article at its source, please refer to the following page, How are you going to address the JRE 7 exploit?