Computer security experts are warning about a new vulnerability involving the ubiquitous Java plug-in, which allows programs to be run inside a web browser. Oracle, the creator of Java, has long been criticized for allowing security exploits in its software to go unchecked. The latest vulnerability, which has been circulating since last week, could allow hackers to gain access to a user's computer with a so-called "drive-by download." While surfing the web, a user may be prompted to accept a legitimate-looking download, which triggers an attack. Experts suggest users should uninstall Java.
