Oracle patches a critical Java vulnerability that is being exploited by hackers to install malicious software. Java SE 6 Update 20 patches a bug disclosed last Friday by Google security researcher Tavis Ormandy. Only systems running Windows are at risk; only systems running Microsoft’s IE or Mozilla’s Firefox browser with the Java plug-in installed are vulnerable. A U.S.-based Web site, Songlyrics.com, was hacked into and redirecting visitors to a Russian server feeding the Java attack.”]
Source: https://www.csoonline.com/article/2125041/oracle-issues-emergency-java-patch-to-stop-attacks.html