Java flaw draws Web attacks, reports say
A vulnerability in the Java software has the potential to affect a wide swath of computer users, and researchers warn that it's already being exploited "in the wild."
Security researchers have spotted a new vulnerability in the widely used Java software that could give attackers access to your computer.
The US-CERT group today issued an alert saying that Java 7 Update 10 and earlier versions of the software contain an unspecified vulnerability that can allow a remote, unauthenticated attacker to execute arbitrary code. The attack can be induced if someone visits a Web site that's been set up with malicious code to take advantage of the hole.
This weak spot is already being attacked "in the wild" -- that is, it's a real-world threat -- and is being incorporated into exploit kits that make it easier for those with ill intentions to create an attack...
For full story,
Luckily, I rarely use Java anymore...