Go Back   Ultimate Web Site Drop Down Menu Forum > News and Information > General Web Trends and News
Reload this Page Sun Pushes Emergency Java Patch
Register FAQ Members List Calendar Today's Posts

Reply
View First Unread View First Unread  
Thread Tools Display Modes
Unread 04-16-2010, 05:53 PM
sl4shd0t
Posts: n/a
  #1  
Default Sun Pushes Emergency Java Patch
Trailrunner7 writes "In a sudden about-face, Sun has rushed out a Java update to fix a drive-by download vulnerability that exposed Windows users to in-the-wild malware attacks. The patch comes less than a week after Sun told a Google researcher it did not consider the issue serious enough to warrant an out-of-cycle patch and less than a day after researchers spotted live exploits on a booby-trapped Web site. The flaw, which was also discovered independently by Ruben Santamarta, occurs because the Java-Plugin Browser is running 'javaws.exe' without validating command-line parameters. Despite the absence of documentation, a researcher was about to figure out that Sun removed the code to run javaws.exe from the Java plugin. The about-face by Sun is another sign that some big vendors still struggle to understand the importance of working closely with white hat researchers to understand the implications of certain vulnerabilities. In this case, Google's Tavis Ormandy was forced to use the full-disclosure weapon to force the vendor into a proper response."pa href="http://www.facebook.com/sharer.php?u=http%3A%2F%2Fit.slashdot.org%2Fstory% 2F10%2F04%2F15%2F1944212%2FSun-Pushes-Emergency-Java-Patch" target="_blank" title="Share on Facebook"img src="http://a.fsdn.com/sd/facebook_icon_large.png"/a a href="http://twitter.com/home?status=Sun+Pushes+Emergency+Java+Patch%3A+htt p%3A%2F%2Fbit.ly%2Fb3eDqo" target="_blank" title="Share on Twitter"img src="http://a.fsdn.com/sd/twitter_icon_large.png"/a/ppa href="http://it.slashdot.org/story/10/04/15/1944212/Sun-Pushes-Emergency-Java-Patch?from=rss"Read more of this story/a at Slashdot./ppa href="http://feedads.g.doubleclick.net/~at/UOTuMjq_BAWl5oqdyZTFCb9HgRw/0/da"img src="http://feedads.g.doubleclick.net/~at/UOTuMjq_BAWl5oqdyZTFCb9HgRw/0/di" border="0" ismap="true"/img/abr/a href="http://feedads.g.doubleclick.net/~at/UOTuMjq_BAWl5oqdyZTFCb9HgRw/1/da"img src="http://feedads.g.doubleclick.net/~at/UOTuMjq_BAWl5oqdyZTFCb9HgRw/1/di" border="0" ismap="true"/img/a/pimg src="http://feeds.feedburner.com/~r/Slashdot/slashdotDevelopers/~4/Sde2UEIbXKE" height="1" width="1"/

More...
Reply With Quote
Reply

« Previous Thread | Next Thread »


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT. The time now is 09:39 PM.

Contact Us - UDM4 Forum - Archive - Privacy Statement - Top

Powered by vBulletin® Version 3.0.1
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.