Less than a week after Oracle patched a zero-day security vulnerability in its Java software, another exploit has been sold by hackers on the black web. The vulnerability potentially poses a threat to millions of PCs running Java. The US Department of Homeland Security advised users to disable the software just last week after another serious security vulnerability was discovered.
The current exploit is being sold by the hacker for up to $5000 each in both source code and weaponised variants. The effect of this exploit is not currently known, however security blogger Brian Krebs has suggested that this exploit may be more serious than the last, and is likely to remain under-the-radar for longer.