어제 소개했던 오라클 자바 JRE 신규취약점 0-Day(CVE-2012-4681)의 보안업데이트가 금일 공개되었다.
자바를 사용하시는 분들은 빨리 업데이트를 해야 주말에 뉴스 페이지를 안전하게 볼 수 있을 것이다.
관련내용 : http://www.oracle.com/technetwork/java/javase/7u7-relnotes-1835816.html
Update Release Notes
Update Release Notes IndexJava™ SE Development Kit 7, Update 7 (JDK 7u7)
The full version string for this update release is 1.7.0_07-b10 (where "b" means "build") and the version number is 7u7.
JDK Demos and Samples remain the same as in JDK 7u6
The vulnerabilities addressed by this security release do not affect the demos and samples code. Therefore there is no need to update Demos and Samples as long as the JDK itself is updated to version 7u7.
JDK for Linux on ARMThe JDK for Linux on ARM is not covered by this security alert and therefore 7u6 remains as the latest version available for Linux on ARM.
Olson Data 2012c
JDK 7u7 contains Olson time zone data version 2012c. For more information, refer to Timezone Data Versions in the JRE Software.
Security Baselines
The security baselines for the Java Runtime Environment (JRE) at the time of the release of JDK 7u7 are specified in the following table:
| JRE Family Version | JRE Security Baseline (Full Version String) |
|---|---|
| 7 | 1.7.0_07 |
| 6 | 1.6.0_35 |
| 5.0 | 1.5.0_36 |
| 1.4.2 | 1.4.2_38 |
For more information about security baselines, see Deploying Java Applets With Family JRE Versions in Java Plug-in for Internet Explorer.
Bug Fixes
This release contains fixes for security vulnerabilities. For more information, see Oracle Security Alert for CVE-2012-4681.
업데이트 방법은 자바의 자동 업데이트를 실행하던가,
[제어판]에 가서 [JAVA] 를 실행시킨 후 [지금 업데이트] 하면 된다.
'취약점소식' 카테고리의 다른 글
| [Oracle Java] 오라클 자바 JRE 신규취약점 발견!! (2012-09-27) (4) | 2012.09.27 |
|---|---|
| [MS] Internet Explorer 원격코드 실행 신규 취약점 주의 권고(0-Day : CVE-2012-4969) (2) | 2012.09.18 |
| [Oracle Java] 오라클 자바 JRE 신규취약점 0-Day(CVE-2012-4681) 주의!! (2) | 2012.08.30 |
| [Adobe] Security updates available for Adobe Flash Player (0) | 2012.08.29 |
| 이스트소프트(ESTsoft), 알마인드(ALMind) DLL 하이재킹 취약점 보안 업데이트 (0) | 2012.08.02 |
댓글