Oracle released update 20 for Java SE JDK 6 and Java SE JRE 6. The update addresses the Alert for CVE-2010-0886 vulnerability. As described by Oracle, the vulnerabilities
". . . only affect Java when running in a 32-bit web browser. These vulnerabilities may be remotely exploitable without authentication, i.e., they may be exploited over a network without the need for a username and password. For a successful exploit, a user running an affected release in their browser will need to visit a malicious web page that exploits this vulnerability. Successful exploits can impact the availability, integrity, and confidentiality of the user's system."
Download Update: Java SE Runtime Environment 6u20
Please check add/remove programs to ensure that you have uninstalled all prior (and vulnerable) versions of SunJava.
Note: UNcheck any pre-checked toolbar and/or software options presented with the update. They are not part of the software update and are completely optional.
References:
- Release Notes
- Critical Patch Updates and Security Alerts
- Map to Public Vulnerability to Advisory/Alert
Clubhouse Tags: Clubhouse, Security, Vulnerabilities, Updates, Java
Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...
No comments:
Post a Comment