Microsoft and Sun Microsystems are wrestling with the latest security hole to emerge: a flaw in their Java virtual machines that could expose user data to hackers. Both Microsoft and Sun issued advisories on this latest vulnerability.. . .
Microsoft and Sun Microsystems are wrestling with the latest security hole to emerge: a flaw in their Java virtual machines that could expose user data to hackers. Both Microsoft and Sun issued advisories on this latest vulnerability.

A hacker would exploit the hole by using a distrusted Java applet to "listen" to data being transmitted between a client and an HTTP proxy server running a Java VM. Browsers that are not configured to surf via a proxy server are not affected.

Windows 98, 2000, and ME are affected by the problem, as well as all Internet Explorer browsers up to version 5.5. Versions of Netscape's browser, version 6.1 and lower, are also impacted, as are some Solaris and Linux releases that ship with the problematic virtual machine.

Microsoft issued an update to its Java VM this week, while Sun/Netscape have said users should upgrade to the latest version of its browser.

Note:All of article

The link for this article located at InternetWeek is no longer available.