IBM issued a fix in a July 2013 update for its Java development kit for a critical vulnerability in its own Java implementation. The patch relied solely on the idea that hiding the vulnerable method deep in the code and behind a Proxy class would be sufficient to address the issue. IBM maintains its own implementation of the Java virtual machine and runtime. Security Explorations recently changed its vulnerability disclosure policy, saying that it will no longer tolerate broken patches for vulnerabilities that it has responsibly reported to vendors. The company will now publicly disclose how to bypass those fixes without notifying the vendors beforehand.”]