Java security flaw threatens Windows and Linux Virus

By Derek Sooman on
Not made public until just today, but detected in June by Finnish security researcher Jouko Pynnonen, a flaw in Sun Microsystems's plug-in for running Java on a variety of browsers and operating systems could cause a nasty virus. In a nutshell, the security flaw allows a malicious Web site to run a java applet free from security protections.

"It allows execution of attacker-supplied code without user interaction (apart from viewing a Web page) which usually means a "critical" classification." - Pynonnen.

A problem on the PC is certainly confirmed (Linux and Windows), but the jury is still out as to whether the Apple is similarly affected, given that Java is a cross platform language. Java was patched last month by Sun Microsystems, but details of the flaw were not made public until today. According to the Pynonnen, the flaw can be used to create exploits which can do anything the victim normally could, including browse, modify or run files, upload more programs to the victim's system.

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.