Sun Microsystems has fixed a pair of security bugs in Java that could be exploited by attackers to take over computers running Windows, Linux and Solaris.
The flaws are "highly critical," security monitoring company Secunia said in an advisory posted Tuesday. Flaws that get that ranking--one notch below Secunia"s most severe "extremely critical" rating--are typically remotely exploitable and can lead to full system compromise.
Both flaws affect the Java Runtime Environment, or JRE. This is the Java software many computer users have on their system to run Java applications. The bugs could allow a Java application to read and write files or execute applications on a victim"s computer, Sun said in two separate security advisories released Monday.
Solution:
- Update to J2SE 5.0 Update 2 or 1.4.2_08 for Windows, Solaris, and Linux. (According to Secunia)