Adam Gowdiak: Oracle knew about Java vulnerabilities for months
Oracle knew since April about the existence of the two unpatched Java 7 vulnerabilities that are currently being exploited in malware attacks, according to Adam Gowdiak, the founder and CEO of Polish security firm Security Explorations.
Security Explorations reported 19 Java 7 security issues to Oracle on Apr. 2. Those issues included the two zero-day — unpatched — vulnerabilities that attackers are exploiting to infect computers with malware, Gowdiak said Wednesday via email.