From; Panda Oxygen3 24h-365d wrote: "All good books have one thing in common - they are truer than if they had really happened." Ernest Hemingway (1889-1961) US novelist. - Vulnerability in Java Runtime Environment - Oxygen3 24h-365d, by Panda Software (http://www.pandasoftware.com) Madrid, June 16, 2005 - Sun has reported, at http://sunsolve.sun.com/search/document.do?assetkey=1-26-101749-1, that a critical vulnerability has been detected in Java Runtime Environment, which could be exploited through untrusted applets to elevate privileges. The vulnerability could allow a website to host Java applets that, when view, could get around the security policies in affected systems. The applets could read and write files on vulnerable systems or run local applications with the same privileges as the user running the malicious applet. The versions affected by this vulnerability are J2SE 1.4.2_07 and earlier for Windows, Solaris and Linux, and Java 2 Platform Standard Edition(J2SE) 5.0 and 5.0 Update 1 for Windows, Solaris and Linux. To prevent this exploit, it is recommendable to update to the new versions: Java 2 Platform Standard Edition(J2SE) 5.0 Update 2: http://java.sun.com/j2se/1.5.0/download.jsp J2SE 1.4.2_08: http://java.sun.com/j2se/1.4.2/download.html NOTE: The addresses above may not show up on your screen as single lines. This would prevent you from using the links to access the web pages. If this happens, just use the 'cut' and 'paste' options to join the pieces of the URL. ------------------------------------------------------------ The 5 viruses most frequently detected by Panda ActiveScan, Panda Software's free online scanner: 1) Mhtredir.gen; 2) Netsky.P; 3) Sdbot.ftp; 4) Qhost.gen; 5) Sdbot.DYO. ------------------------------------------------------------ To contact with Panda Software, please visit: http://www.pandasoftware.com/about/contact/ ------------------------------------------------------------ *********** MIKE"S REPLY SEPARATOR *********** Mike ~ It is a good day if I learned something new. Editor MikesWhatsNews see a sample on my web page http://www3.telus.net/mikebike <mikeswhatsnews-request@xxxxxxxxxxxxx?Subject=subscribe> http://www3.telus.net/mikebike/worm_removal.htm See my Anti-Virus pages http://virusinfo.hackfix.org/index <virusinfo-request@xxxxxxxxxxxxx?Subject=subscribe> A Technical Support Alliance and OWTA Charter Member