This happened last month, so it was 0-day THEN, not NOW.
The hole in question was patched in the February 1st Java release.
This is news because it shows how Facebook was affected by the many unaddressed security holes that were present in Java (and how it could be run -- last month -- silently), but this is NOT news of new holes in Java.
So far the latest (quite significant) fixes seem to have been effective.
The hole in question was patched in the February 1st Java release.
This is news because it shows how Facebook was affected by the many unaddressed security holes that were present in Java (and how it could be run -- last month -- silently), but this is NOT news of new holes in Java.
So far the latest (quite significant) fixes seem to have been effective.