Oracle issues patch for Java loopholes Published duration 31 August 2012

image caption Java is used on tends of millions of computers around the world

Oracle has issued a patch for loopholes in its Java program that was being actively abused by cyber-thieves.

The software giant took the unusual step of issuing the patch well before the usual date for security updates.

The patch closes loopholes that together left users of almost every operating system vulnerable to infection by viruses.

Tens of thousands of machines are believed to have been infected by viruses that exploit the bugs.

Oracle typically issues security patches for Java every quarter but it tore up the usual schedule because the bugs were being increasingly abused.

Security firms said code to exploit the loopholes had been recently added to the popular Blackhole crimeware kit. This software package is an all-in-one computer crime kit that makes it easy for those with little technical knowledge to become cyber-thieves.

Adding code to the kit would hugely boost the numbers of malicious hackers trying to compromise computers running Java.

Java is a widely-used programming language designed to let developers write programs once that can then be run, with minimal changes, on any computer. Oracle claims Java is used on more than one billion desktop computers.

Some sites use it to add extras to their webpages that can be used via a browser add-on or plug-in. Some games, including Runescape and Minecraft, are built around Java.