Sun has released updates for Java SE. These updates address multiple vulnerabilities in Java Runtime Environment (JRE), Java Web Start, Java Management Extensions (JMX), JDK, and Java Runtime Environment Virtual Machine. These vulnerabilities may allow a remote attacker to execute arbitrary code, bypass security restrictions, obtain sensitive information or cause a denial-of-service condition.
DarkFiber Consulting encourages users to review the following Sun Alerts and apply any necessary updates:
- Sun Alert 238628 – Security Vulnerabilities in the Java Runtime Environment related to the processing of XML Data
- Sun Alert 238666 – A Security Vulnerability with the processing of fonts in the Java Runtime Environment may allow Elevation of Privileges
- Sun Alert 238687 – Security Vulnerabilities in the Java Runtime Environment Scripting Language Support
- Sun Alert 238905 – Multiple Security Vulnerabilities in Java Web Start may allow Privileges to be Elevated
- Sun Alert 238965 – Security Vulnerability in Java Management Extensions (JMX)
- Sun Alert 238966 – Security Vulnerability in JDK/JRE Secure Static Versioning
- Sun Alert 238967 – Security Vulnerability in the Java Runtime Environment Virtual Machine may allow an untrusted Application or Applet to Elevate Privileges
- Sun Alert 238968 – Security Vulnerabilities in the Java Runtime Environment may allow Same Origin Policy to be Bypassed
DarkFiber Consulting will provide additional information as it becomes available.