Oracle has patched serious fault in Java, is hackers use to install malware. Safety updates Java SE 6 Update 20 Java patch vulnerabilities that researchers Tavis Ormandy of Google has posted more openly for safety mailing list Full-Disclosure. As said by Mr. Ormandy, all versions of Java for Windows are "sticky" error. Other OS running Java is not affected.

Oracle notes, file JNLP without parameters won’t work with codebase updates Java SE 6 update 20. This means that developers must determine the codebase parameter in the JNLP file. Roger Thompson, research director of antivirus maker AVG Technologies, said lyrics site by mistake redirected users to server having attack code use of vulnerabilities discovered by Mr. Ormandy, "injection" of this nasty code for victims.