- Related Stories
-
Apple corrects patch trouble
March 13, 2006 -
Mac OS X patch faces scrutiny
March 7, 2006 -
Sun plugs serious holes in Java
November 29, 2005 -
Java flaws open door to hackers
June 14, 2005
The Java 2 Standard Edition 5.0 Release 4 update, issued Monday, fixes a vulnerability in Java Web Start. The hole could allow a specially crafted application to bypass security restrictions and access resources on a system, potentially giving entry to an intruder. Java Web Start is a technology that loads Java applications over a network such as the Internet.
The update also patches a set of bugs in the "reflection" application programming interface, or API, parts of the Java Runtime Environment. These flaws could also allow an attacker to bypass security barriers to take control of a system.
The French Security Incident Response Team, or FrSIRT, rated the issues "critical" in an alert posted Tuesday.
The issues affect Mac OS X version 10.4.5 and the corresponding server edition of the operating system, which have Java 2 built into them. Apple advises people with this software to download and install the J2SE update.
The Java problems also have an impact on Microsoft Windows, Sun Microsystems' Solaris and Linux. In February, Sun issued an alert for the Web Start flaw and the Java Runtime Environment issues in these operating systems.
Santa Clara, Calif.-based Sun said at the time that it did not believe that the Web Start vulnerability had been exploited.
See more CNET content tagged:
Java, Java 2, J2SE, JRE, attacker
What's a Mac?
I thought Apple just made iPods. :-)
I don't know if anyone other than Microsoft employees qualify as "MS fanboys". Windows users have a healthy relationship with their computers. We don't worship them. :-)
Raise a glass to 'em the next time you are at the bar.
What's a Mac?
I thought Apple just made iPods. :-)
I don't know if anyone other than Microsoft employees qualify as "MS fanboys". Windows users have a healthy relationship with their computers. We don't worship them. :-)
Raise a glass to 'em the next time you are at the bar.
So is Apple the only one to have fixed this?
OR
Is Apple the last one to fix this?
Of course this bug comes courtesy of Sun so it's hardly fair to blame anyone but them.
So is Apple the only one to have fixed this?
OR
Is Apple the last one to fix this?
Of course this bug comes courtesy of Sun so it's hardly fair to blame anyone but them.
Given this was an update to the Java runtime system, that included enhancements, as well as fixes, I can't figure out the "news" angle.
But I guess some alarmism is needed to keep as many viewers as possible.
So according to what you say, something isn't "news" if YOU'VE already heard about it. It's irrelevant to those of us that are hearing it for the first time, because as long as YOU'VE heard about it, then there's no need to tell anyone else about it.
All hail Mr. Thomas! He is the center of the Universe!
Given this was an update to the Java runtime system, that included enhancements, as well as fixes, I can't figure out the "news" angle.
But I guess some alarmism is needed to keep as many viewers as possible.
So according to what you say, something isn't "news" if YOU'VE already heard about it. It's irrelevant to those of us that are hearing it for the first time, because as long as YOU'VE heard about it, then there's no need to tell anyone else about it.
All hail Mr. Thomas! He is the center of the Universe!
are already in 10.4.6. That should have been included since many
people would think from reading it that they are pass an issue the
article says is associated with 10.4.5.
- More missing information
- by J.G. April 19, 2006 7:01 PM PDT
- The article also does not make it clear that up-to-date Mac users
- Reply to this comment
-
(40 Comments)are already in 10.4.6. That should have been included since many
people would think from reading it that they are pass an issue the
article says is associated with 10.4.5.