Java issues prompt more Norway warnings / News / The Foreigner

Java issues prompt more Norway warnings. Software security experts are again advising computer users take precautions when using Java. Following this month’s banking security problems, new issues have been found in security, people are now being warned that their computers are at risk with whatever Java software or browser they are using. The error appears to affect Java SE 5, 6 and 7 and all of the versions of Oracle released in the last eight years. The last critical error only affected the latest version of the software, however.

norwayonlinebanking, javasecurityflaw, computersnorway



The Foreigner Logo

The Foreigner is an online publication for English speakers living or who have an interest in Norway. Whether it’s a glimpse of news or entertainment you’re after, there’s no need to leave your linguistic armchair. You don’t need to cry over the demise of the English pages of Aftenposten.no, The Foreigner is here!

Norske nyheter på engelsk fra Norge. The Foreigner er en engelskspråklig internett avis for de som bor eller som er interessert i Norge.

Google+ Google+ Twitter Facebook RSS RSS



News Article

LATEST:

}

Java issues prompt more Norway warnings

Published on Friday, 28th September, 2012 at 09:33 under the news category, by Lyndsey Smith   .
Last Updated on 28th September 2012 at 10:37.

Software security experts are again advising computer users take precautions when using Java.

Dedicated servers
Dedicated servers
Photo: Michal Maros/Wikimedia Commons


Following this month’s banking security problems, new issues have been found in security, people are now being warned that their computers are at risk with whatever Java software or browser they are using.

The error appears to affect Java SE 5, 6 and 7 and all of the versions of Oracle released in the last eight years. The last critical error only affected the latest version of the software, however.

Whilst fortunate the problem has only been discovered by the security experts, the issue could allow people to hack into a computers browser and take control.

Security Explorations are now recommending that people turn off JavaScript in their browser’s while using internet banking until a solution can be found for the problem.

“We've recently discovered yet another security vulnerability affecting all latest versions of Oracle Java SE software. The impact of this issue is critical - we were able to successfully exploit it and achieve a complete Java security sandbox bypass in the environment of Java SE 5, 6 and 7,” the company writes in a statement.

Staff say they found Java SE 5 Update 22 (build 1.5.0_22-b03), Java SE 6 Update 35 (build 1.6.0_35-b10), and Java SE 7 Update 7 (build 1.7.0_07-b10) to be vulnerable.

“The newly discovered bug is special for several reasons. We discovered it exclusively for JavaOne 2012 [1]. Finally, the bug allows to violate a fundamental security constraint of a Java Virtual
Machine (type safety).”

Tests were carried out using Firefox 15.0, Google Chrome 21.0.1180.89, Internet Explorer 9.0.8112.16421 (update 9.0.10), Opera 12.02 (build 1578), and Safari 5.1.7 (7534.57.2) in a so-called fully-patched Windows 7 32-bit system.

NorCERT (Norwegian Computer Emergency Response Team) personnel advise computer users update their software products.

"We alerted our constituency, and also warned generally in public in August about the vulnerability in Java. This was a critical vulnerability, for which exploits were publicly known, and at the time had no patch available," a press spokesperson tells The Foreigner.

"NorCERT was also aware of targeted computer attacks against Norwegian businesses exploiting this vulnerability. We are now aware of two new critical vulnerabilities in Java, but these have been responsibly disclosed to Oracle, and we are not yet aware of attacks exploiting these vulnerabilities. However, the vulnerabilities exists and could at any time be discovered independently by attackers, so we are keeping a close eye on the situation."



Published on Friday, 28th September, 2012 at 09:33 under the news category, by Lyndsey Smith   .
Last updated on 28th September 2012 at 10:37.

This post has the following tags: norwayonlinebanking, javasecurityflaw, computersnorway.





  
Do NOT follow this link or you will be banned from the site!