Google's Security team has discovered vulnerabilities in the Sun Java Runtime Environment that threatens the security of all platforms, browsers and even mobile devices.

"This is as bad as it gets," said Chris Gatford, a security expert from penetration testing firm Pure Hacking.

Advertisement

"It?s a pretty significant weakness, which will have a considerable impact if the exploit codes come to fruition quickly. It could affect a lot of organizations and users," Gatford told ZDNet Australia.

Australia's Computer Emergency Response Team (AusCERT) analyst, Robert Lowe, warned that anyone using the Java Runtime Environment or Java Development Kit is at risk.

"Delivery of exploits in this manner is attractive to attackers because even though the browser may be fully patched, some people neglect to also patch programs invoked by browsers to render specific types of content," said Lowe.

Article

More Info

Don't ya just love scare storys with no advice at all. As it is this issue it seems was fixed two versions ago, anyone running Java 6 update 1 or later is covered (update 2 being the most recent version):

http://sunsolve.sun.com/search/printfriend...y=1-26-102934-1

I just upgraded from 1.6.0 to 1.6.0 Update 2 few days ago.

Likewise got update 2 today.

I always have Java disabled anyway.

Am I right in thinking windows does not come with Java pre-installed, you have to download it and install it yourself?

If so I don't think I even have it on my PC.

Can't say I miss it.