The Inquirer-Home

Oracle patches some Java flaws carrying the highest possible threat

Ten on the scale of threat ratings
Tue Jun 07 2011, 14:32

INFORMATION TECHNOLOGY GIANT Oracle is releasing patches for a number of Java software vulnerabilities, only a month after Microsoft warned that hackers were targeting flaws in the programming language more than ever before.

The company is releasing a collection of 17 fixes for multiple security vulnerabilities In Java SE, otherwise known as the Java Platform, which allows developers to create and deploy Java applications on desktops and servers and as well as in embedded environments.

Oracle said the threat from a successful attack is so high that the software needs to be updated immediately. Vulnerabilities fixed with these patches rate as high as 10 in severity on the 10 point common vulnerability scoring system (CVSS).

All of the Java vulnerabilities are exploitable over a network without the need for a username and password, and Windows, Solaris and Linux are all affected. The products affected are JDK and JRE 6 Update 25 and earlier, JDK and JRE 5.0 Update 29 and earlier, and the SDK and JRE 1.4.2_31 and earlier.

Last month Microsoft reported that hackers were focusing on attacking Java vulnerabilities more than ever before. For example, in the third quarter of last year the number of serious Java attacks increased to fourteen times the number of attacks seen in the previous quarter. µ


Share this:

blog comments powered by Disqus
Subscribe to INQ newsletters

Sign up for INQbot – a weekly roundup of the best from the INQ

INQ Poll

Microsoft Windows 10 poll

Which feature of Windows 10 are you most excited about?