Java Plug-In Security Vulnerability Fixed

If you haven’t already made the leap to Java 5.0, you’ll want to at least update the version you’re using. The just-released versions 1.4.2_06 and 1.3.1_13 plug a security hole in the Java Plug-In for Windows, Linux, and Solaris, whereby a malicious applet may gain access to your local file system and do evil things. Java 5.0 is not affected.

The official vulnerability report from Sun contains a pointer to a more technical explanation of the vulnerability.

Hopefully Sun will put the update on Java.com and the automatic Java Update system soon. They seem to be dragging their heels a little, perhaps as a “soft launch” to ensure the update doesn’t produce any serious side effects.

Related posts:

1. Referrals: Getting Clients To WANT To Plug You Referrals are invaluable because they can be a passive, indirect...
2. Google Working on Answer to Flash, Silverlight, Java Google wants all of us to transition to a world...
3. Security Tip: Update Your Flash Player Adobe applications come under more fire with alerts of serious...
4. Where Next for Sun Microsystems? IBM's bid to take over Sun Microsystems has been rejected....
5. Microsoft Security Essentials: a Review Microsoft Security Essentials may be free but is it any...

This entry was posted on Wednesday, November 24th, 2004 at 6:59 pm, contains 194 words, 6 images, and is filed under Java EE. You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed. The views and opinions in this blog post are those of its author.