A security researcher has released a proof-of-concept attack that exploits
critical vulnerabilities that Apple patched on Thursday. The vulns stem from
bugs in the Java runtime environment that allow attackers to remotely execute
malicious code. Sun Microsystems patched the flaws early last month.

"I know that having a POC in hand bumps Apple’s priority, so I sent them the
POC and made them aware of the issue," said the researcher, Kevin Finisterre, a
co-founder of security firm Netragard. "I honestly wanted my browser fixed."

Оставить мнение

Check Also

Кавычкой по «Джумле». Учимся проводить SQL-инъекцию второго порядка на примере уязвимости в Joomla

Joomla — вторая по популярности система управления сайтами после WordPress. Уязвимость, о …