[ insider_reports_insider ]
Several Flaws Fixed In Flash, Java
David Utter
Staff Writer
2007-07-16
 Insider Reports RSS Feed
The presence of the Flash Player and the Java Runtime Environment on millions of PCs worldwide makes them a massive target for attackers.
 | | Several Flaws Fixed In Flash, Java |  |
Both Adobe and Sun Microsystems recently had to patch a number of flaws in two of the Internet's most widely used technologies.
Security firm F-Secure noted new updates for Flash arriving from Adobe, and Java patches released by Sun.
The Flash security update corrected critical vulnerabilities that could have allowed a malicious SWF to allow someone to take control of a remote system.
Users of Flash 9 on Windows, Mac, Solaris, and Linux can download updated Flash Players, if automated updates have not done so already. People who have to use Flash Player 7 will find a patched version of that product available from a separate download.
Image parsing code in Sun's JRE could allow an untrusted applet to elevate its privileges within the environment.
A buffer overflow condition could have led to a malicious applet being able to read or write local files, or execute applications. Also, a second vulnerability would lead to such an applet to hang the Java Virtual Machine.
Sun recommends updating the JRE with fixed versions on Windows, Solaris, and Linux.
---
About the Author:
David Utter is a business and technology writer for SecurityProNews and WebProNews.
More insider_reports_insider Articles
Insider Reports RSS Feed
|
|
iEntry 10th Anniversary
RSS
Archive
