Sun warns of Java Runtime security flaws

Windows, Linux, and Solaris operating system users are at risk from a range of critical vulnerabilities in Sun's widely-used Java Runtime Environment.

Windows, Linux, and Solaris operating system users are at risk from a range of critical vulnerabilities in Sun's widely-used Java Runtime Environment.

Java Runtime Environment (JRE) provides the minimum code needed to run Java applications or applets, which are deployed by websites and launched from within a browser.

Sun said the flaws are due to errors in "reflection" APIs (application programming interfaces), and can be used by attackers to take over systems using maliciously-crafted applets to read and write files on a compromised system's hard drive.

Several editions of JRE are threatened by the bugs. These include JRE 1.3.1_16 and earlier, JRE 1.4.2_09 and earlier, and JRE 5.0 Update 4 and earlier.

Sun recommends that users update to newer versions of JRE. Alternatively, users can now download JRE 5.0 Update 6 to get around the problem.

Internet security firm Secunia said the vulnerabilities were potentially critical.

Read more on Business applications

SearchCIO
SearchSecurity
SearchNetworking
SearchDataCenter
SearchDataManagement
Close