Java Users at Risk

'Highly critical' vulnerabilities affect older versions of the JRE.
There are a number of really good reasons to update to the latest version of Java. Not the least of which is the fact that older versions of the Java Runtime Environment have now been reported to be at risk from seven highly critical vulnerabilities.

Sun advisory number 102171 describes the vulnerabilities and is titled, "Security Vulnerabilities in the Java Runtime Environment may Allow an Untrusted Applet to Elevate its Privileges."

According to security firm Secunia, various unspecified errors in the "reflection" APIs cause the vulnerabilities, which could lead to a system compromise.

Sun's advisory does not specify what the actual errors are. A Sun spokesperson was not immediately available for comment.

The first advisories related to the vulnerabilities in the "reflection" APIs date back to at least November when the company issued Sun Alert ID: 102003, which identified three vulnerabilities.

IBM issued its own "technote faq" in December.

This article was first published on InternetNews.com. To read the full article, click here.






Comment and Contribute

 


(Maximum characters: 1200). You have characters left.