> Because of the shame and brand damage of making such a terrible product?
From the article: this is the first Java zero day in two years.
Now how many other products we use all the time have had no zero days found for two years? Chrome? Windows? No.
What's more, it's not totally clear that this is even a problem in Java itself, seeing as it apparently relies on a Windows-specific common controls library exploit? There aren't enough details in the report to say, but it seems likely that this is somehow (ab)using AWT to trigger a bug in Microsoft's code.
From the article: this is the first Java zero day in two years.
Now how many other products we use all the time have had no zero days found for two years? Chrome? Windows? No.
What's more, it's not totally clear that this is even a problem in Java itself, seeing as it apparently relies on a Windows-specific common controls library exploit? There aren't enough details in the report to say, but it seems likely that this is somehow (ab)using AWT to trigger a bug in Microsoft's code.