Sun java update process vulnerable



The Java Runtime Environment from Sun has a vulnerability that’s due in large part to a poor approach to updating it. IF you have not uninstalled previous versions of the JRE on your PC, they are likely still there EVEN after an update AND to make things even worse, a specially designed website could specifiy the version of the JRE to use in dealing with java components on the page. Sun’s advisory here on the issue. The story is from the SecurityFix and I’m bothered by the same point that get’s Brian about this update….


Why oh why???? if the vulnerability is that OLDER versions of JRE remain on disk without a MANUAL uninstall, can’t they AUTOMATICALLY uninstall the older versions with the update installer!!!!

Fortunately, Sun has uninstall instructions. Brian said he had a laptop that had no fewer than 4 version’s of Sun’s Java. Given that many of the updates would solve security vulnerability issues, please take the time to analyze systems to make sure that they not only have the most recent version, BUT ALSO have removed the older versions of Sun’s JRE.

Related Posts

Blog Traffic Exchange Related Posts
  • Remote Tech Support with x11vnc and wrapper script So, the idea is that I wanted something "like" the Ultranvnc Single Click download, only for linux. The main idea being is that if someone is looking for a bit of desktop tech support on linux, we don't need to be giving instructions for 5 different package managers, or source......
  • But it's brand new, how could it have so many updates? This morning I was doing a fresh install of Windows XP SP2 into a Virtual Machine. So far, things are fine I went through windowsupdate and found 3 updates the first time, then rebooted and hit windowsupdate again to see 55 updates available. A lot of times when I set......
  • Microsoft Releasing out of Cycle Patch for Internet Explorer Exploit Take a look at the official announcement. They've moved outside the usual update cycle for this one. VERY good move Microsoft to get this patch in before the holidays as it looks as though there's been a spike in the use of this particular exploit and with people doing a......
Blog Traffic Exchange Related Websites
  • The Complete Yachtmaster: Sailing, Seamanship, and Navigation for the Modern Yacht Skipper by Tom Cunliffe This week I am posting the book review early as Friday is a holiday. Happy 4th of July all! Although this book was written primarily for the UK market, there is still plenty of great advice for boaters around the world and it can easily be adapted for owners in......
  • Steadfast Finances was Hacked, Now Restored. (Thanks HostGator!) Last week, several lines of "seemingly malicious code" found its way into SF's theme. This prompted Google, Firefox, Google Chrome and even Twitter, to quickly label this blog as a "Reported Attack Site". If you happened to visit SF from the RSS feed, the email subscriber list, or basically clicked......
  • Comparison Between Free Of Charge And Paid Web Comparison between free of charge and paid Web security software has turn into a main subject of discussion amongst probably the most of all computer users recently. Numerous people who have employed both free of charge as well as paid Web security software place their strong opinions. Although many people......
www.pdf24.org    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site