TechTarget

Oracle releases critical patch to fix 17 security flaws in Java SE

Oracle has released a critical patch to fix 17 security vulnerabilities across Java standard edition (SE) products.

Oracle has released a critical patch to fix 17 security vulnerabilities across Java standard edition (SE) products.

The Java 6 update 26 for Windows, Solaris and Linux provides fixes for affected products, including JDK 5.0 update 29 and earlier, JDK and JRE 6 update 25 and earlier, and SDK 1.4.2_31 and earlier.

Oracle said: "Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply fixes as soon as possible."

In a blog post, Chester Wisniewski, a security researcher at Sophos, said all but one of the vulnerabilities affect Java Runtime Environment software in web browsers.

"We have seen great success among attackers using flaws in Java to exploit Windows computers, but also a broader experimentation with building malware that will run on Mac and Linux," he said.

Chester Wisniewski added: "I recommend testing out your standard OS images without the Java plug-in. Most people aren't using Java these days and it reduces the attack surface for exploits delivered over the internet."

The next Oracle Java SE critical patch updates is due on 18 October 2011.

 

Picture courtesy of Peter Kaminsky

CW+

Features

Enjoy the benefits of CW+ membership, learn more and join.

Read more

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close