Oracle Ships Emergency Java 7 Update 17 to Patch Two Vulnerabilities After One Is Exploited in the Wild
Mere hours after news broke that five new vulnerabilities had been found, Oracle on Monday announced the release of Java 7 Update 17 to address two separate vulnerabilities. The patch is being shipped out of schedule because Oracle learned one of the flaws was being “actively exploited by attackers to maliciously install the McRat executable onto unsuspecting users’ machines.”
The last update was number 15, but Java security updates always come in odd numbers. If you use the plugin, you can download the latest update now from the Java Control Panel or directly from Oracle’s website here: Java SE 7u17.