Six ways to protect against the new actively exploited Java vulnerability

28.08.2012
Security researchers have proposed several methods for users to protect their computers from ongoing attacks that target a new and yet-to-be-patched vulnerability in all versions of Java Runtime Environment 7.

Most of the proposed solutions have drawbacks or are applicable only to certain system configurations and environments. However, the hope is that, in the absence of an official patch from Oracle, users will be able to use one or a combination of them to reduce the risk of their systems being compromised.

Researchers from security firm FireEye announced the existence of the new Java vulnerability on Sunday and reported that .

A working proof-of-concept exploit appeared online the next day and was integrated into Metasploit, an open-source security testing tool used by many penetration testers.

The new vulnerability is considered extremely critical and can be exploited to execute malicious code on a system when a user simply visits a maliciously crafted Web page in a Web browser that has the Java plug-in enabled.

The only recommendation that most security professionals have given users to protect their systems from attacks targeting this vulnerability has been to uninstall Java or at least disable the Java Web plug-in in their browsers.