Anything can happen in the next half hour
|
|
|
Oracle patches some Java flaws carrying the highest possible threat
INFORMATION TECHNOLOGY GIANT Oracle is releasing patches for a number of Java software vulnerabilities, only a month after Microsoft warned that hackers were targeting flaws in the programming language more than ever before.
The company is releasing a collection of 17 fixes for multiple security vulnerabilities In Java SE, otherwise known as the Java Platform, which allows developers to create and deploy Java applications on desktops and servers and as well as in embedded environments.
Oracle said the threat from a successful attack is so high that the software needs to be updated immediately. Vulnerabilities fixed with these patches rate as high as 10 in severity on the 10 point common vulnerability scoring system (CVSS).
All of the Java vulnerabilities are exploitable over a network without the need for a username and password, and Windows, Solaris and Linux are all affected. The products affected are JDK and JRE 6 Update 25 and earlier, JDK and JRE 5.0 Update 29 and earlier, and the SDK and JRE 1.4.2_31 and earlier.
Last month Microsoft reported that hackers were focusing on attacking Java vulnerabilities more than ever before. For example, in the third quarter of last year the number of serious Java attacks increased to fourteen times the number of attacks seen in the previous quarter. µ
Tags: Security
Share this:
Share
I've caught viruses three times in the decade since I switched to using a Wintel PC. Every time it was Java that was to blame. I've had enough and I uninstalled Java about a month ago. I'm not missing it at all. In fact, I haven't yet come across a single web site which requires it. I think you're better off without it.
A security update and then it asks if you wish to install a freaking (yahoo) toolbar.
Is that some sort of oracle sense of humor?