Fake Microsoft And Amazon Emails Exploit Java Security Vulnerability

It had to happen. Oracle left the door open for too long and the criminals have walked in.

Email phishing campaigns have been spotted in the wild that take advantage of the Java vulnerability that has remained unpatched for 4 months.

And when Oracle did finally issue an update it contained a flaw that will allow hackers to circumvent the patch.

Best advice is to temporarily disable Java in the hope that Oracle solves the Java security issues. You will probably find that you don’t really need it anyway.
As this Forbes article says:

…after watching Oracle’s first failed attempt to solve Java’s security issues last week, users should strongly consider tossing the buggy plug-in regardless of how the software firm responds. 

Beware Fake Microsoft And Amazon Emails Exploiting Java Security Vulnerability – Forbes