All of them are cross-platform vulnerabilities and are fixed but, despite the fact that Java is a software installed on a large number of systems, most users ignore or pay very little attention to existing updates. Nor does it help to solve this situation the fact that the Java updater itself, scheduled by default to be updated on the 14th of each month, sometimes does not recognize the existence of updates. Also, being a program that runs in the background, many people are not aware of its existence, unlike other applications such as Adobe Reader.
However, despite this alarming growth, with honorable exceptions, this impressive increase in the exploitation of Java vulnerabilities has had little medical impact and, according to Comments from Microsoft itself, it is possible that Internet providers (usually the first to sound the alarm when new ways to exploit vulnerabilities appear) find it difficult to find an effective solution to this problem, especially because of the impact on the performance of the ISP's own intrusion detection system.
Although the number of threats that take advantage of Java software vulnerabilities are still few compared, for example, to those malware families most detected by antivirus firms, the exponential growth of them alerts us that something is cooking and, from the ESET laboratory in Ontinet.com, we recommend reviewing the version of our Java software, either using the updater itself that incorporates or third-party applications such as Secunia Software Inspector.
Source: Protect yourself
