F-Secure says a new exploit targeting security vulnerabilities in Java is circulating, just days after Oracle patched 42 flaws with Java 7 Update 21. The exploit is said to be similar to code in a module released on the Metasploit framework, according to F-Secure. Meanwhile, Adam Gowdiak of Security Explorations reports that there is a reflection API vulnerability in the new Server Java Runtime Environment.

Related Summaries