Windows, Linux, and Solaris operating system users are at risk from a range of critical vulnerabilities in Sun's widely-used Java Runtime Environment.
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
Java Runtime Environment (JRE) provides the minimum code needed to run Java applications or applets, which are deployed by websites and launched from within a browser.
Sun said the flaws are due to errors in "reflection" APIs (application programming interfaces), and can be used by attackers to take over systems using maliciously-crafted applets to read and write files on a compromised system's hard drive.
Several editions of JRE are threatened by the bugs. These include JRE 1.3.1_16 and earlier, JRE 1.4.2_09 and earlier, and JRE 5.0 Update 4 and earlier.
Sun recommends that users update to newer versions of JRE. Alternatively, users can now download JRE 5.0 Update 6 to get around the problem.
Internet security firm Secunia said the vulnerabilities were potentially critical.