Oracle and Apple have released an update to address the latest zero-day vulnerability in the Java platform.
The update patches a vulnerability which had been spotted in the wild being targeted for exploits. The remote code execution flaw was being targeted to perform drive-by malware attacks.
Oracle had been notified about the flaw by researchers with security firm FireEye, before publicly disclosing the vulnerability and revealing its active exploit in the wild.
Users running Windows and Linux systems can obtain the security update from Oracle, while OS X users can obtain the fix through Apple's Software Update component. Because the flaw is being targeted in the wild, Oracle is advising users to update their systems as soon as possible.
The company noted that the flaw is only present in client versions of Java. Administrators will not need to update their Java servers to protect against attack.
The update is the latest in a long line of zero-day vulnerabilities and high-profile flaws to be exposed in the Java platform in recent months. According to a 2012 report from Kaspersky Lab, Java is the most popular target for the growingly popular line of automated exploit kits.
As the list of flaws and number of attacks has piled up, vendors have begun advising users and administrators to consider disabling Java altogether. Researchers have noted that for many users, the platform is seldom used.
For users who do require Java, experts have suggested mitigation measures such as keeping a secondary browser on hand for Java applications.
Ultra-high-end all-in-one PCs from HP feature either 24-inch or 27-inch displays
Roomba 'smart' vacuum cleaner company iRobot plans to sell maps of users' homes to Apple, Amazon and Google
'Smart' products spying on their owners and selling the data for profit? Who'd have thought it!
TNT Express still struggling with NotPetya malware - crucial documents remain locked up in borked systems as staff grapple with manual procedures
TNT depots over-flowing with parcels as the company struggles to recover from NotPetya - while Reckitt Benckiser reports 'ongoing' recovery
Full roll-out of Android O expected within weeks