If you haven’t already made the leap to Java 5.0, you’ll want to at least update the version you’re using. The just-released versions 1.4.2_06 and 1.3.1_13 plug a security hole in the Java Plug-In for Windows, Linux, and Solaris, whereby a malicious applet may gain access to your local file system and do evil things. Java 5.0 is not affected.

The official vulnerability report from Sun contains a pointer to a more technical explanation of the vulnerability.

Hopefully Sun will put the update on Java.com and the automatic Java Update system soon. They seem to be dragging their heels a little, perhaps as a “soft launch” to ensure the update doesn’t produce any serious side effects.

Kevin began developing for the Web in 1995 and is a highly respected technical author. Kev is a world-renowned author, speaker and JavaScript expert. He has a passion for making web technology easy to understand by anyone. Yes, even you!

Get your free chapter of Level Up Your Web Apps with Go

Get a free chapter of Level Up Your Web Apps with Go, plus updates and exclusive offers from SitePoint.


No Reader comments

Related books & courses
Available now on SitePoint Premium

Preview for $1