Sun java update process vulnerable



The Java Runtime Environment from Sun has a vulnerability that’s due in large part to a poor approach to updating it. IF you have not uninstalled previous versions of the JRE on your PC, they are likely still there EVEN after an update AND to make things even worse, a specially designed website could specifiy the version of the JRE to use in dealing with java components on the page. Sun’s advisory here on the issue. The story is from the SecurityFix and I’m bothered by the same point that get’s Brian about this update….


Why oh why???? if the vulnerability is that OLDER versions of JRE remain on disk without a MANUAL uninstall, can’t they AUTOMATICALLY uninstall the older versions with the update installer!!!!

Fortunately, Sun has uninstall instructions. Brian said he had a laptop that had no fewer than 4 version’s of Sun’s Java. Given that many of the updates would solve security vulnerability issues, please take the time to analyze systems to make sure that they not only have the most recent version, BUT ALSO have removed the older versions of Sun’s JRE.

Related Posts

Blog Traffic Exchange Related Posts
  • 7 Updates coming from Microsoft in July We can expect 7 updates next week from Microsoft on the monthly patch day for July. Four of the updates will be for Windows, and 3 for Microsoft Office. There will be at least one critical update for each. It's expected that we'll see an update for the Excel issues......
  • Apple Quicktime and OS X updates to patch multiple security vulnerabilities Apple has released Quicktime v. 7.1 for both Windows and OS X to address about 12 vulnerabilities. It looks as though all of the vulnerabilities were related to either a specially crafted images or movies (a variety of formats...) Upgrade or use another viewer... Affected file formats are.... Jpegs, Flashpix,......
  • But it's brand new, how could it have so many updates? This morning I was doing a fresh install of Windows XP SP2 into a Virtual Machine. So far, things are fine I went through windowsupdate and found 3 updates the first time, then rebooted and hit windowsupdate again to see 55 updates available. A lot of times when I set......
Blog Traffic Exchange Related Websites
  • Steadfast Finances was Hacked, Now Restored. (Thanks HostGator!) Last week, several lines of "seemingly malicious code" found its way into SF's theme. This prompted Google, Firefox, Google Chrome and even Twitter, to quickly label this blog as a "Reported Attack Site". If you happened to visit SF from the RSS feed, the email subscriber list, or basically clicked......
  • Apple Releases iOS 5 Final Version - Download Now [Links] Earlier in June this year, Apple announced the next major release to iOS at WWDC 2011. This new iOS 5 includes 200+ new features for iPhone, iPad & iPod Touch. I had compiled all the major iOS 5 features in a blog post after WWDC 2011. Apple released 7 beta......
  • Apple Seeds iOS 5 Beta 3 to Developers Apple has just seeded iOS 5 Beta 3 Build 9A5259f to Apple Developers. iOS 5 Beta 3 is available for the following devices: iPad iPad 2 iPhone 4 GSM + CDMA iPhone 3GS iPod Touch 3G & 4G Apple TV This version is available only to registered Apple Developers ($99......
PDF24    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site