Sun patches at least 14 bugs in Java
No details yet on vulnerabilities or what risk they pose
Computerworld - Sun Microsystems Inc. patched at least 14 vulnerabilities in Java yesterday as it updated the popular software to Version 6.0, Build 11.
The release notes for Java 1.6.0_11, as Sun dubbed the update, skimped on details about the security flaws that were patched, but it listed a total of 14 alerts, each of which will presumably provide information about at least one vulnerability.
Those alerts have not yet been published, however, leaving users in the dark about the specifics of what has been patched.
Sun also addressed 34 nonsecurity problems with 1.6.0_11, ranging from a data-corruption bug to a compatibility issue with some Java-based games.
Windows users, who account for the bulk of Java's installs, can update by clicking on the Java icon in the Control Panel, clicking on the "Update" tab, then clicking the "Update Now" button. Users running other operating systems can grab the newest version from Sun's Web site.
Mac OS X users must wait for Apple Inc. to craft its own Java update. Unlike rivals such as Microsoft Corp., Apple maintains its own version of Java and is responsible for delivering patches to Sun's software.
If the past is an accurate indicator, Apple's customers may not receive yesterday's Java fixes for months. When Apple refreshed Java in late September, for instance, it fixed more than two-dozen vulnerabilities, some of which had been patched in updates for Java for Windows, Linux and Solaris as far back as March 2008.
Apple has been frequently criticized for its sluggish patching of third-party components, particularly open-source code, that it bundles with its operating system. More than a year ago, Charles Miller, a researcher at Independent Security Evaluators LLC, called Apple's inability to keep up with open-source fixes "negligent." More recently, Miller and others took Apple to task for not scheduling updates, instead releasing them at any time during the month.
Users can check to see which version of Java their machines are currently running by visiting this page on the Sun site.
Read more about Security in Computerworld's Security Topic Center.
- 5 Ways Dropbox for Business Keeps Your Data Protected Protecting your data isn't a feature on a checklist, something to be tacked on as an afterthought. Download here to find out how...
- The Keys to Securing Data in a Collaborative Workplace Losing data is costly. IT professionals have spent years learning how to protect their organizations from hackers, but how do you ward off...
- Evaluating File Sync and Share Solutions: 12 Questions to Ask about Security File sync and share can increase productivity, but how do you pick a solution that works for you? Download to learn some important...
- The Truth About Cloud Security "Security" is the number one issue holding business leaders back from the cloud. But does the reality match the perception?
- Responding to New SSL Cybersecurity Threat The featured Gartner research examines current strategies to address new SSL cybersecurity threats and vulnerabilities.
- Deep Dive into Advanced Networking and Security with Hybrid Cloud Security and networking are among the top concerns when moving workloads to the cloud. VMware vCloud® Hybrid Service™ enables you to extend your... All Security White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!