Java
Article
By Kevin Yank

Java Plug-In Security Vulnerability Fixed

By Kevin Yank
Help us help you! You'll get a... FREE 6-Month Subscription to SitePoint Premium Plus you'll go in the draw to WIN a new Macbook SitePoint 2017 Survey Yes, let's Do this It only takes 5 min

If you haven’t already made the leap to Java 5.0, you’ll want to at least update the version you’re using. The just-released versions 1.4.2_06 and 1.3.1_13 plug a security hole in the Java Plug-In for Windows, Linux, and Solaris, whereby a malicious applet may gain access to your local file system and do evil things. Java 5.0 is not affected.

The official vulnerability report from Sun contains a pointer to a more technical explanation of the vulnerability.

Hopefully Sun will put the update on Java.com and the automatic Java Update system soon. They seem to be dragging their heels a little, perhaps as a “soft launch” to ensure the update doesn’t produce any serious side effects.

--ADVERTISEMENT--

Login or Create Account to Comment
Login Create Account
Recommended
Sponsors
Get the most important and interesting stories in tech. Straight to your inbox, daily.Is it good?