Alert Number: 120508-01
Alert Date: 12/05/08
Alert Title: Sun Releases Java Update
Update-to: None.
OS/Platform/Application:
All Web Browsers
Category: ALERT
Severity: HIGHLY CRITICAL
Attention: Web Users
Summary: Sun Microsystems has released a newer version of its Java Runtime Environment (JRE) and its Java Web Start component that addresses a series of serious security vulnerabilities in older versions of this software.
Explotation of these vulnerabilities can occur when a web user is exposed to malicious web content targeting the Sun Java software. This software is found on nearly every personal computer that utilizes the World Wide Web.
If the vulnerability is successfully exploited, it can lead to remote access and control of the victim's computer, and exposure of personal and sensitive informtion stored on the computer.
Recommended Actions: Install the newest version of Sun's Java code as soon as possible.
Readers are encouraged to share this alert with family, friends, and associates.
ITS Actions: N/A
Resources:
JDK and JRE 6 Update 11:
http://java.sun.com/javase/downloads/index.jsp
JDK and JRE 5.0 Update 17:
http://java.sun.com/javase/downloads/index_jdk5.jsp
SDK and JRE 1.4.2_19:
http://java.sun.com/j2se/1.4.2/download.html
SDK and JRE 1.3.1_24 (for customers with Solaris 8 and Vintage Support Offering support contracts):
http://java.sun.com/j2se/1.3/download.html
Advisories:
Security Focus:
http://www.securityfocus.com/bid/32620
http://www.securityfocus.com/bid/32608
Secunia:
http://secunia.com/advisories/32991/
iDefense Labs:
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=757
.
