Slashdot Mirror

← Back to Stories (view on slashdot.org)

Another Java Security Hole in Windows

Posted by timothy on from the but-that-'s-unpossible dept.

tanveer1979 writes: "An article in The Times of India reports that Sun and Miscrosoft have released a joint bulletin about a security hole in the JVM code."

7 of 26 comments (clear)

  1. Why link to newspapers for this sort of thing? by Account+10 · · Score: 3, Interesting

    The full details are in the security bulletin and this includes the technical details that us /. readers like.

    1. Re:Why link to newspapers for this sort of thing? by Account+10 · · Score: 4, Informative
      Sun's part of the joint release includes the Netscape versions affected


      The full and custom installations of Netscape 6.1, 6.0.1, and 6.0
      are affected since they include an affected version of the
      Java Runtime Environment. The default Java runtime environments of
      Netscape(TM) Communicator version 4.79 and earlier are affected.
  2. Sun and Microsoft and DOJ announce exploit in JVM by spike666 · · Score: 4, Funny

    In a rare press conference featuring Sun Microsystems, Microsoft and the Department of Justice, a exploit was found regarding usage of the Java Virtual Machine under the Windows (95/98/NT/2000/XP/CE) environment. Apparently usage of said JVM is likely to increase the amount of lawsuits filed by these 2 companies, leading to a bogging down of the DOJ's case queue. the DOJ is currently recommending that you cease using your computer, pick up a pen and paper and use them instead. One Anonymous DOJ spokesman said "We've found that we can reduce our case load by 30% if all users of computers stop and just go ahead and use pens, pencils, paper and the abacus. If it was good enough for Confucius, it's good enough for America!"

    Curiously, no comment was issued by Larry Ellison, Chief Entertainment Officer, Oracle Corporation.

  3. The Microsoft VM by spike2131 · · Score: 3, Insightful

    According to Microsoft's bugtraq report, its not the Java Virtual Machine that has the problem, its the "Microsoft Virtual Machine"... I thought that was cute, kinda like claiming the ".html" extention maps to a "Microsoft HTML Document", as I've seen under the Windows defaults.

    This seems to be the direct result of IE forsaking proper applet support for that crappy Active X-plugin-thing we now have to put up with.

    --
    SpyDock: Scientific Python in a Docker container
  4. Um, hello people? by Muggins+the+Mad · · Score: 3, Informative


    From the security advisory:

    Affected Releases:

    Windows Production Releases.
    Solaris Production Releases.
    Linux Production Releases.

    It's not specific to Windows.

    Maybe the editors really don't read these things.

    - MugginsM

  5. Original Vulnerability Report by Carl · · Score: 3, Informative
    See the following page for the original vulnerability report by Harmen van der Wal (as acknowledged by Sun). He even tested the Free Java implementations GNU Classpath and Kaffe.

    http://www.xs4all.nl/~harmwal/issue/wal-01.txt

  6. Another? by pmz · · Score: 4, Insightful

    Why is the article title "Another Java Security Hole in Windows"? The title seems to be assuming that there are many, as if really saying, "Oh no! Another Java Security Hole in Windows? What will I do?!?!" Rather, there have been suprisingly few security holes in Java considering the inherent complexity of the JVM and the Java APIs. There are other pieces of popular software that we need to be much more concerned about.

    --
    Healthcare article at Kuro5hin