Oracle has closed 17 remote execution vulnerabilities in Java, most of which are also present in the browser plug-ins. Oracle fixed at least 17 security vulnerabilities in Java as part of its scheduled update.
Oracle patched 17 security vulnerabilities and one non-security-related issue in its latest update to Java 6, released June 8. All 17 vulnerabilities would allow attackers to remotely execute code on the affected system without authentication, according to the company.

Nine of the flaws were rated at a risk of 10 out of 10 on Windows machines where the main account was the Administrator account, meaning attackers could theoretically take control of the machine. All but one of the vulnerabilities affected the Java Runtime Environment plug-in that runs in the Web browser.

The link for this article located at eWeek is no longer available.