Oracle released an emergency patch on Thursday for previously unknown Java vulnerabilities that cybercriminals had targeted with popular exploit kits. Security Explorations sent a report about the vulnerability to Oracle on Friday with a proof-of-concept exploit. The vulnerability has only been found being used against Windows, but other platforms such as the Mac OS could potentially be targeted through the same exploit. Researchers don’t plan to release any technical details about vulnerability publicly until Oracle addresses it, CEO Adam Gowdiak said.
Source: https://thehackernews.com/2012/09/security-researchers-found-yet-another.html