The Channel logo


By | Dan Goodin 5th October 2007 00:32

Sun patches multiple flaws in Java

'Highly critical' bugs leave Windows, Linux and Solaris users open to attack

Sun Microsystems has issued patches for several vulnerabilities in its Java Runtime Environment that leave users on Windows, Linux and Solaris wide open.

By our count, there are 11 separate vulnerabilities plaguing versions 6, 5, 1.4 and 1.3 of the JRE, Sun said on its security blog.

Miscreants could use the "highly critical" bugs to read or alter sensitive information stored on a vulnerable machine, bypass security restrictions and compromise systems, according to an alert from Secunia.

Java's write-once-run-anywhere sales pitch, it would seem, applies equally to vulnerabilities, since it makes users of some of the most hardened systems susceptible to crippling attacks.

Sun acknowledged a host of researchers for discovering the flaw. They included Billy (BK) Rios, Peter Csepely, Giorgio Maone Dan Boneh, Collin Jackson, Adam Barth, Andrew Bortz, Weidong Shao and David Byrne. ®

comment icon Read 3 comments on this article alert Send corrections


Frank Jennings

What do you do? Use manual typwriters or live in a Scottish croft? Our man advises
A rusty petrol pump at an abandoned gas station. Pic by Silvia B. Jakiello via shutterstock

Trevor Pott

Among other things, Active Directory needs an overhaul
Baby looks taken aback/shocked/affronted. Photo by Shutterstock

Kat Hall

Plans for 2 million FTTP connections in next four years 'not enough'
Microsoft CEO Satya Nadella


League of gentlemen poster - Tubbs and Edward at the local shop. Copyright BBC
One reselling man tells his tale of woe