| Serial Java fault-finder Adam Gowdiak has embarrassed Oracle yet again.
Gowdiak hit the headlines last year when he reported a vulnerability, waited for Oracle's response, and then upped the ante with a comeback vuln.
It's déjà vu all over again, with the Polish researcher publicly bragging about two brand-new vulnerabilities he's found even since Oracle's most recent patch just a week ago.
Gowdiak, who claims in his tagline to "bring security research to the new level," is critical of the way Oracle patched the latest hole.
He implies that although it locked the office door in update 7u11, Oracle left the entrance to the building open, which he considered as good as an invitation to find another way in. Read More .. |
JB via nakedsecurity.sophos.com, 4 months ago