The Latest in IT Security

Oracle Java 6 update 26 available now

08
Jun
2011

Java logoA little over three months since the last update to Java, Oracle has released Java 6 update 26 for Windows, Linux and Solaris.

This update addresses 17 security vulnerabilities and one non-security-related bug. All 17 vulnerabilities allow remote code execution without authentication.

Oracle has rated nine of the flaws as a risk of ten out of ten. All but one of the vulnerabilities affect the Java Runtime Environment client software that runs in your browser.

We have seen great success among attackers using flaws in Java to exploit Windows computers, but also a broader experimentation with building malware that will run on Mac and Linux.

Unfortunately, Mac users will have to wait on Apple to release an update to address these flaws, as Oracle does not provide Java for OS X.

Windows, Linux and Solaris users can download the latest Java from http://java.com/en/download/manual.jsp?locale=en.

If you haven’t already, I recommend testing out your standard OS images without the Java plug-in. Most people aren’t using Java these days and it reduces the attack surface for exploits delivered over the internet.

Don’t confuse JavaScript with Java either; they are totally unrelated. Not installing the Java Runtime Environment (JRE) has no impact on your browser’s ability to render web pages that require JavaScript.

If you require Java, be sure that you deploy this update. If you aren’t sure it may be worth testing your images without it. The less software plugged into your browser, the harder it is for malcontents to exploit your users.

Leave a reply


Categories

SATURDAY, APRIL 20, 2019
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments

Social Networks