mask.of.sanity writes "Flaws have been found in cryptographic systems underpinning host of web applications including those offered by Google, Microsoft, Yahoo and those based on Java among scores of others.
The attacks target weaknesses in the hash algorithms that permit multiple hash collisions to take place.
Ruby On Rails, Mozilla and others have moved to a new hash built by the researchers who found the hole. Java has not."
Link to Original Source