Update your Java

After you update your Flash (see below), then you should also update to the latest version of Java. Secunia’s software advisory states

A vulnerability has been reported in Sun Java Web Start, which can be exploited by malicious people to compromise a user’s system. The vulnerability is caused due to a boundary error within the Java Web Start component (javaws.exe) when processing JNLP files. This can be exploited to cause a stack-based buffer overflow via a specially crafted JNLP file with an overly long codebase attribute. Successful exploitation allows execution of arbitrary code e.g. when a user visits a malicious website.

The vulnerability is reported in the following versions:
* JRE and JDK 6 Update 1 and earlier
* JRE and JDK 5 Update 11, and earlier

You can find the latest version at the Java Downloads page, look for “Java Runtime Environment (JRE) 6u2”

Leave a Reply