Oracle has issued a massive Java SE and Java for Business update to fix 29 security vulnerabilities that could be exploited to take complete control of vulnerable computers.
According to Oracle, 28 of these vulnerabilities could be
remotely exploitable without authentication (over a network without the need for a username and password).
The patches are available for Windows, Linux and Solaris users. Apple’s Mac OS X is also vulnerable but security updates for that operating system is usually delayed for several months.
According to Oracle’s advisory, 15 of the 29 vulnerabilities carry the maximum 10.0 CVSS severity rating.
Due to the threat posed by a successful attack, Oracle strongly recommends that affected users apply the available patches “as soon as possible.”
You can use use this link to run a quick scan to determine whether the Java environment installation on your machine is up to date: http://java.com/en/download/installed.jspWindows users should be very careful when applying Java updates. The company has an annoying history of bundling third-party software (browser toolbars) that are pre-checked by default.
During the installation process, be sure to uncheck any boxes that install software that you don’t need (for example MSN toolbar).
(ZDN)