SUN JAVA Patches
Just about the time we finish the last round of JAVA patches, a new version is available from SUN. It seems Security Vulnerabilities in the Java Runtime Environment may Allow an Untrusted Applet to Elevate its Privileges.
SUN recommends removing vulnerable versions. What this means is that you can look in add/remove programs at your JAVA versions there. Then take a look in the control panel in the JAVA applet there (on the JAVA tab select view). You can also run java -fullversion at the command prompt although for me that just gave me the latest version.
There are three flavors
JDK and JRE 5.0
SDK and JRE 1.4.2
SDK and JRE 1.3.1
What I would do update each version to its latest release and make sure that no earlier build of that version still exists on your computer.
If you have Java Runtime Environment 5.0 update 4, update that to 6 or whatever the latest version is
from here: http://java.sun.com/j2se/1.5.0/download.jsp
Same with 1.4.2, get that here: http://java.sun.com/j2se/1.4.2/download.html
The latest 1.3.x is here: http://java.sun.com/j2se/1.3/download.html
Make sure you uninstall the earlier versions. Installing a new version will leave you with both installed. Also you want the java run time environment not the SDK (Softare Development Kit). The website is sort of confusing.
Categories
General0 TrackBacks
Listed below are links to blogs that reference this entry: SUN JAVA Patches.
TrackBack URL for this entry: http://www.infosecblog.org/mt-tb20071121.pl/96
Leave a comment
Powered by Ajax Comments