Google Researcher Details Java Bug

The bug is due to a design flaw in Java.

By Kara Reeder | Posted Apr 12, 2010
Print ArticleEmail Article
  • Share on Facebook
  • Share on Twitter
  • Share on LinkedIn
Computerworld reports that Google researcher Tavis Ormandy says he has notified Oracle about a Java virtual machine bug that attackers could use to run unauthorized programs on a computer. Ormandy says Oracle told him that it did not consider this vulnerability to be of high enough priority to break its quarterly patch cycle. He does not agree, and has decided to publish details of the bug.

The bug is not due to a programming error, but rather a design flaw in Java, making it particularly nasty. It affects "all versions since Java SE 6 update 10 for Microsoft Windows," says Ormandy.

Comment and Contribute
(Maximum characters: 1200). You have
characters left.
Get the Latest Scoop with Enterprise Networking Planet Newsletter