Sun plugs serious holes in Java
Sun Microsystems has fixed five security bugs in Java that expose computers running Windows, Linux and Solaris to hacker attack.
The flaws are “highly critical,” according to an advisory from Secunia posted Tuesday. Vulnerabilities that get that ranking–one notch below “extremely critical,” the security monitoring company’s most severe rating — typically open the door to a remote intruder and to full compromise of the system.
All the flaws affect the Java Runtime Environment, or JRE, in computers loaded with Microsoft Windows, Linux or Sun’s own Solaris operating system. This is the software many computer owners have on their system to run Java applications. The bugs could allow an intruder to use a Java application to inappropriately read and write files, or to run code on a victim’s computer, Sun said in three separate security advisories released late Monday.
Go to the Sun Java web site, download the current Java runtime environment (or the SDK, if you are a programmer), and install it.