Highly popular enterprise email and workgroup solution IBM Notes/Domino has a huge security vulnerability that allows for installation of spyware on a client system by doing as little as opening an email.
Exploit for one of the dozens of critical vulnerabilities patched through Java 7 Update 21 by Oracle last week has already started appearing in the wild and has reportedly found its way into different exploit kits.
A new Java exploit kit is currently available in the black market for only $40 a day, only hours after Oracle and Apple released the security updates for the zero-day vulnerabilities recently discovered.
Oracle released its latest Java update on February 19 fixing quite a few bugs and vulnerabilities reported earlier, but right after the release security firm Security Explorations claimed that there were two security issues with the update and they were specific to the Java SE 7.
In January a serious 0-day was reported in Java which if exploited would allow hackers to execute code remotely thereby granting them complete control of the affected system. Oracle did rush to patch the vulnerability but, hackers were also at work to develop a fake security update that pretends to be a genuine one promising to patch the vulnerability.
Apple has blocked Java from Mac systems and this is the second time in a month as it believes that its users are still at risk from the vulnerabilities.
Apple has seemingly taken proactive steps of its own to protect its user base from the dangers of the recently found Java 0-day by blocking the Java 7 plug-in on OS X.
Mozilla has added some of the latest Java versions to its Firefox add-on block-list after new vulnerabilities were reported in Java yesterday.
Oracle has announced the availability of the first developer preview of Java SE 8 for ARM based devices such as the Raspberry Pi and has made it available for download.