Advertisement
Promo

Security threats Toolkit

Adobe and Sun release critical patches

Tom Espiner ZDNet.co.uk

Published: 16 Jul 2007 12:47 BST

  • Email
  • Trackback
  • Clip Link
  • Print friendly
  • Post Comment

IT professionals have been warned to patch vulnerabilities in the Adobe Flash Player application and Sun Java Runtime Environment as soon as possible.

The vulnerabilities mean that employees can get "hacked just by viewing a web page that contains malicious Flash or Java content", warned antivirus company F-Secure in its blog.

Sentry Posts Blog

Sentry Posts Blog
Guarding the network

What you need to know — and what you and your peers have to tell us — about security management in our new community group blog

Read more +

Both Adobe and Sun issued patches for the vulnerabilities in updates last week. The Adobe update addresses an input validation error in Flash Player version 9.0.45.0 and earlier versions that could lead to the potential execution of arbitrary code.

The Sun update links to a patch for a buffer overflow vulnerability in the image-parsing code in the Java Runtime Environment that may allow an untrusted applet or application to elevate its privileges.

The flaw in the Java Runtime Environment could be particularly serious if left unpatched, according to Chris Gatford, a security professional from penetration-testing firm Pure Hacking.

"Java runs on everything: cell phones, PDAs and PCs. This is the problem when you have a vulnerability in something so modular — it affects so many different devices," Gatford told ZDNet.co.uk sister site ZDNet Australia.

"Also, this exploit is browser independent, as long as it invokes a vulnerable Java Runtime Environment," Gatford added.

  • Email
  • Trackback
  • Clip Link
  • Print friendlyPrint with EPSON

Did you find this article useful?
3 out of 5 people found this useful


In association with HP

Talkback

Post a comment


Full Talkback thread

0 comments

Related Links

More In Security threats



Company/Topic Alerts

Create a new alert from the list below:








Related Jobs

Graduate Web Designer ASP/Adobe Photoshop/Dreamweaver/Flash

Developer/Actionscript/Flash/.net or PHP or Java/OO/Yorkshire/28K-30K

Java Developer – Application Support, York, North Yorkshire; J2EE, Websphere / Weblogic, JavaScript, HTML, Spring, Adobe Flex, JSP, Oracle, Linux

Related BlackBerry Resources

Protecting the BlackBerry Device Platform Against Malware

BlackBerry Devices with Bluetooth - Security Overview

BlackBerry Enterprise Server IT Policy

BlackBerry Enterprise Solution - Security Technical Overview

BlackBerry Enterprise Solution and RSA SecurID

CIO's Guide to Mobile Security

See All White Papers

Video icon

Video

Sentry Posts Blog

Civil liberties groups attack file-sha...

Civil liberties and digital rights organisations have strongly criticised Lord Mandelson's Digital Economy Bill. Liberty said in a position paper on Tuesday that the bill, part of... More

Post a comment

Authentication risks all too human

Risks to successful online banking identification and authentication using smartcards involve a mixture of human and technological factors, according to the European Network and Information... More

1 comment

Opera censors Chinese content

Opera has updated the Chinese version of its mobile browser to stop users accessing restricted content. Opera Mini was updated on Friday from an international to a Chinese version,... More

2 comments


Skip Sub Navigation Links to CNET Brand Links

Help

Become part of the ZDNet community.

ALL TOOLKITS

Blogs

Newsletters