INFORMATION TECHNOLOGY GIANT Oracle is releasing patches for a number of Java software vulnerabilities, only a month after Microsoft warned that hackers were targeting flaws in the programming language more than ever before.
The company is releasing a collection of 17 fixes for multiple security vulnerabilities In Java SE, otherwise known as the Java Platform, which allows developers to create and deploy Java applications on desktops and servers and as well as in embedded environments.
Oracle said the threat from a successful attack is so high that the software needs to be updated immediately. Vulnerabilities fixed with these patches rate as high as 10 in severity on the 10 point common vulnerability scoring system (CVSS).
All of the Java vulnerabilities are exploitable over a network without the need for a username and password, and Windows, Solaris and Linux are all affected. The products affected are JDK and JRE 6 Update 25 and earlier, JDK and JRE 5.0 Update 29 and earlier, and the SDK and JRE 1.4.2_31 and earlier.
Last month Microsoft reported that hackers were focusing on attacking Java vulnerabilities more than ever before. For example, in the third quarter of last year the number of serious Java attacks increased to fourteen times the number of attacks seen in the previous quarter. µ