Corporate Security Blog

Security Alert CVE-2016-0636 Released

Eric Maurice
Director of Security Assurance

Oracle released Security Alert CVE-2016-0636 to address a vulnerability affecting Java SE in web browsers on desktops. This vulnerability has received a CVSS Base Score of 9.3 and is remotely exploitable without authentication. A successful exploitation of this vulnerability would typically require an unsuspecting user running an affected version of Java SE to visit a malicious web site.

Oracle recommends customers apply this Security Alert as soon as possible. Oracle recommends that Java home users visit Java.com to ensure that they are running the most recent version of Java SE and that all older versions of Java SE have been completely removed. Oracle further advises against downloading Java from sites other than Java.com as these sites may be malicious.

For More Information:

The Advisory for Security Alert CVE-2016-0636 is located at http://www.oracle.com/technetwork/topics/security/alert-cve-2016-0636-2949497.html

Be the first to comment

Comments ( 0 )
Please enter your name.Please provide a valid email address.Please enter a comment.CAPTCHA challenge response provided was incorrect. Please try again.