Oracle blocks security hole with quick, hot 'n' premature Java update
Oracle issues Java security update two weeks earlier than planned. From http://www.theregister.co.uk/2013/02...e_java_update/
Oracle has brought forward the timetable of an upcoming Java security update by two weeks in order to block off an in-the-wild security hole.
The update, originally scheduled for 19 February, was released a fortnight early on Friday because of "active exploitation 'in the wild' of one of the vulnerabilities affecting the Java Runtime Environment (JRE) in desktop browsers".
The update covers 50 flaws, 49 of which are remotely exploitable. More than half (26) of the bunch carry the maximum Common Vulnerability Scoring System (CVSS) risk score of 10.
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump