Sun: 1.9 million downloads of Java fix

news

Nov 30, 20041 min

No actual attacks reported based on security vulnerability

Sun Microsystems on Tuesday said there have been 1.9 million downloads of an upgraded version of J2SE to correct a possible security vulnerability in the JVM, although there have been no attacks reported based on the problem.

The upgrade is Version 1.4.2_06 and it is available at www.java.com as well as at www.sun.com/developers.

The vulnerability involved Java Plug-in technology in the SDK and the Java Run-time Environment that allows hackers to bypass the Java sandbox and applet security. A remote attacker could execute hostile applets to access arbitrary files or the JVM user’s network.

To ensure an effective download of the new version of J2SE, Sun recommends that users use the manual download or static installer.

SecurityEndpoint Protection

by Paul Krill

Editor at Large

Follow Paul Krill on X

Paul Krill is editor at large at InfoWorld. Paul has been covering computer technology as a news and feature reporter for more than 35 years, including 30 years at InfoWorld. He has specialized in coverage of software development tools and technologies since the 1990s, and he continues to lead InfoWorld’s news coverage of software development platforms including Java and .NET and programming languages including JavaScript, TypeScript, PHP, Python, Ruby, Rust, and Go. Long trusted as a reporter who prioritizes accuracy, integrity, and the best interests of readers, Paul is sought out by technology companies and industry organizations who want to reach InfoWorld’s audience of software developers and other information technology professionals. Paul has won a “Best Technology News Coverage” award from IDG.

Show me more

Topics

About

Policies

Our Network

More

Sun: 1.9 million downloads of Java fix

No actual attacks reported based on security vulnerability

More from this author

Claude Code AI tool getting auto mode

TypeScript 6.0 arrives

New JetBrains platform manages AI coding agents

VS Code now updates weekly

Google adds vibe design to Stitch UI design tool

OpenAI buys Python tools builder Astral

Java future calls for boosts with records, primitives, classes

Edge.js launched to run Node.js for AI

Show me more

Cloudflare launches Dynamic Workers for AI agent execution

Oracle adds pre-built agents to Private Agent Factory in AI Database 26ai

Speed boost your Python programs with new lazy imports

How to build desktop apps in Typescript with Electrobun

Write and run assembly in Python with Copapy

Run AI Models Locally on Your PC — No Cloud Required (LM Studio Guide)