Sun Patches 7 Critical Java Runtime Bugs

Windows, Linux, and Solaris users are at risk from multiple critical vulnerabilities in Sun's popular Java Runtime Environment, the company acknowledges. (Courtesy: TechWeb)

February 9, 2006

1 Min Read
NetworkComputing logo in a gray background | NetworkComputing

Windows, Linux, and Solaris users are at risk from multiple critical vulnerabilities in Sun's popular Java Runtime Environment, the company acknowledged in a recent security advisory.

Java Runtime Environment (JRE) provides the minimum needed to run Java applications or applets, which are deployed by Web sites and launch from within the browser.

The flaws, said Sun, are due to errors in the "reflection" APIs, and can be leveraged by attackers using maliciously-crafted applets to read and write files on the compromised system's hard drive, or execute programs. Sun, as is its practice, kept mum on details of the vulnerabilities.

Several editions of JRE are threatened by the bugs, including JRE 1.3.1_16 and earlier, JRE 1.4.2_09 and earlier, and JRE 5.0 Update 4 and earlier.

Sun recommended that users update to newer versions of JRE, and provided links in the advisory to those updates. Alternately, users can download JRE 5.0 Update 6 from here.Unlike Microsoft, Sun does not place vulnerabilities in threat or risk categories, but Danish vulnerability tracker Secunia labeled the bugs as a cumulative "Highly critical" problem, its second-highest warning.

SUBSCRIBE TO OUR NEWSLETTER
Stay informed! Sign up to get expert advice and insight delivered direct to your inbox

You May Also Like


More Insights