Linked by David Adams on Tue 12th Jul 2011 19:08 UTC, submitted by HAL2001
ACROS Security has discovered a vulnerability in Sun Java, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the application loading an executable file in an insecure manner when an out of memory condition occurs.
Thread beginning with comment 480502
To read all comments associated with this story, please click here.
To read all comments associated with this story, please click here.
Member since:2006-09-16
That's a pretty lame reason.
Yes, a flaw in the JVM is scary, just as flaws in kernels or popular libraries are.
The trade-off is that applications written in Java are less likely to have dangerous flaws than applications which execute directly, such as those written in C++.
As kernel and VM developers are much more likely to be aware of security than typical application programmers, I'll take that trade.
Member since:2009-05-19
Member since:2005-11-13
Then you're not on Windows, I guess? Considering you're such a security nut. Or you're just a person with a personal grudge against Java.
Well, Windows itself is not inherently insecure, unless you run insecure programs, like Java. For this reason, I don't run Java at all, and only Flash when absolutely necessary, with Flashblock turned on at all times, except for a handful of sites that I have whitelisted.
(Of course, Java itself isn't actually a program if you want to get technical about it, which makes it even worse.)
Edited 2011-07-12 21:45 UTC
Member since:2005-11-15
The last Java update had patches for 29 vulnerabilities, 15 of which are highly severe. Java is very insecure, and is a big gateway for PC penetration.
http://blogs.pcmag.com/securitywatch/2010/10/oracle_updates_java_to...
Edited 2011-07-12 20:49 UTC
Member since:2006-05-09
Member since:2006-01-23
Member since:
2005-11-13
Just one more reason why I won't be installing Java on my machine anytime soon.