All,

In anticipation of the demand for a single Java plug-in release for E-Business customer browsers, Oracle has just released the new Sun JRE build 1.6.0_24 build 7 (a.k.a. JRE 6u24, 1.6.0_24-b07) which fixes the mismanaged cookie issue AND the security flaw announced last week as part of an off-cycle Critical Patch Update for February.

I would recommend you review the link below to Steven Chan’s note on this fix and make plans to apply this build to your EBS environment as soon as possible.  For those of you with firewalls and not patching because “it ain’t broke”, please remember that the FBI estimates that over 70% of all security breaches are committed by a knowledgeable person INSIDE the firewall…

http://blogs.oracle.com/stevenChan/2011/02/sun_jre_160_24_ebs.html

Good news from Steven Chan and Oracle!!

thx,

John