Sun warns of Java Runtime security flaws


Sun warns of Java Runtime security flaws

Antony Savvas

Windows, Linux, and Solaris operating system users are at risk from a range of critical vulnerabilities in Sun's widely-used Java Runtime Environment.

Java Runtime Environment (JRE) provides the minimum code needed to run Java applications or applets, which are deployed by websites and launched from within a browser.

Sun said the flaws are due to errors in "reflection" APIs (application programming interfaces), and can be used by attackers to take over systems using maliciously-crafted applets to read and write files on a compromised system's hard drive.

Several editions of JRE are threatened by the bugs. These include JRE 1.3.1_16 and earlier, JRE 1.4.2_09 and earlier, and JRE 5.0 Update 4 and earlier.

Sun recommends that users update to newer versions of JRE. Alternatively, users can now download JRE 5.0 Update 6 to get around the problem.

Internet security firm Secunia said the vulnerabilities were potentially critical.

Email Alerts

Register now to receive IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

COMMENTS powered by Disqus  //  Commenting policy