Next Tuesday, Oracle is planning to release a Java SE Critical Patch Update that will contain 17 new security fixes which may be remotely exploitable without authentication. "Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply Critical Patch Update fixes as soon as possible." [1]

[1] http://www.oracle.com/technetwork/topics/security/javacpujune2011-313339.html

 -----------

Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot edu