1 comment

[ 3.1 ms ] story [ 14.1 ms ] thread
This isn't what the article says at all. It's two years to fix all the known security holes, not two years to fix the 0day.

"HD Moore, chief security officer with Rapid7, a company that helps businesses identify critical security vulnerabilities in their networks, said it could take two years for Oracle to fix all the security bugs that have currently been identified in the version of Java that is used for surfing the Web."