Oracle confirms Java 7 Update 15 vulnerability, but researchers are still unhappy. Researchers urged Oracle to reevaluate their submissions of weaknesses in the Java 7 Update 15 after the company acknowledged only one of the two vulnerabilities discovered regarding a full sandbox bypass is a concern, and simply determined the second vulnerability to be accepted behavior of the update.