Another security issue with Java reportedly allows attackers to bypass Java sandboxing and gain control of the host PC. According to the reports, this affects all version of the last three Java releases 5,6 and 7, and the exploit should be present on Java installations on Windows, Mac OS X and Linux operating systems where Java is enabled - so, kind of A Big Deal. Fortunately, it has not been seen in the wild yet, but this is getting kind of ridiculous, is it not?
The bug lets attackers violate the “type safety” security system in the Java Virtual Machine. “A malicious Java applet or application exploiting this new issue could run unrestricted in the context of a target Java process such as a Web browser application...".ArsTechnica