I was just guessing on Monday when I said that the Java security patch pushed by Oracle on Sunday was ???too little too late.??? This appears to have been a lucky good guess on my part, as word is out now that the Java browser plugin still isn’t safe.
At least that’s what Brian Krebs is reporting on his blog Krebs On Security. Evidently there’s a black hat on a hacker forum who’s offering-up info to two buyers on a new vulnerability in the latest and greatest version of Java (that would be version 7, update 11) for the sum of $5,000 each.