Sun warns of Java Runtime security flaws


Sun warns of Java Runtime security flaws

Antony Savvas

Windows, Linux, and Solaris operating system users are at risk from a range of critical vulnerabilities in Sun's widely-used Java Runtime Environment.

Java Runtime Environment (JRE) provides the minimum code needed to run Java applications or applets, which are deployed by websites and launched from within a browser.

Sun said the flaws are due to errors in "reflection" APIs (application programming interfaces), and can be used by attackers to take over systems using maliciously-crafted applets to read and write files on a compromised system's hard drive.

Several editions of JRE are threatened by the bugs. These include JRE 1.3.1_16 and earlier, JRE 1.4.2_09 and earlier, and JRE 5.0 Update 4 and earlier.

Sun recommends that users update to newer versions of JRE. Alternatively, users can now download JRE 5.0 Update 6 to get around the problem.

Internet security firm Secunia said the vulnerabilities were potentially critical.

Email Alerts

Register now to receive IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

COMMENTS powered by Disqus  //  Commenting policy