Oracle delivered an unusual emergency patch to its ubiquitous Java software Sunday to fix a malicious bug that allowed hackers access to users’ Web browsers. But some security experts continued to warn users Monday to stay away amid lingering concerns about the company’s ability to react quickly to security problems.
The latest security hole came to light last week after the Department of Homeland Security raised an alarm about the security hole. Even after Oracle released the patch, the agency recommended that users disable Java “unless it is absolutely necessary,” citing continuing problems with the program’s overall security.
Oracle confirmed that it had released a new patch, but did not return a call for comment on the lingering concerns.
Security experts estimate that Java is used in 3 billion machines, about 2 billion of which are desktop or laptop computers. The program was a backbone of Web sites in the early days of the Internet.