Sun Java update released to fix several security bugs - SSO-AL2009-039

05 August 2009

Software and platforms affected

The following software is affected

Sun Java Runtime Environment (versions prior to JRE 6 Update 15)

for the following operating system platforms:

Microsoft Windows (any)
Linux (any)

What is the problem?

There are several bugs in the Sun Java Runtime Environment (JRE) if not fixed could result in your computer being attacked by criminals. Your personal and/or business information may be accessed for fraudulent or illegal purposes. It is also possible your computer may crash and become unusable.

The Java Runtime Environment is software that allows you to run a variety of different software programs on different types of computer platforms or devices. The software works in the background of most computers and you may not realise it is installed.

What we recommend you do

The current version of the JRE is version 6, update 15 (1.6.0_15). The easiest way to update this software is to do so via the "Update Now" button in the Java program, if it is already installed.

If you use Microsoft Windows, you can see if JRE is installed by:

1 - Click on the "Start" menu (usually on the bottom left hand side of the screen)
2 - Select "Control Panel" (If you use Windows Vista, select classical view)
3 - Look for the "Java" icon or menu name, if "Java" is listed then it is installed on your computer. Open it up by double clicking on it.
4 - Select the "Update" tab within the "Java Control Panel" program.
5 - Click the "Update Now" button.

You will need to do this from an account that has administrative privileges.

Alternatively, you can update to the latest version of the JRE by downloading and installing the updates recommended by Sun from:

https://cds.sun.com/is-bin/INTERSHOP.enfinity/WFS/CDS-CDS_Developer-Site/en_US/-/USD/ViewProductDetail-Start?ProductRef=jre-6u15-oth-JPR@CDS-CDS_Developer

Where you can find more information

Information about the bugs can be found here:

http://java.sun.com/javase/6/webnotes/6u15.html

Disclaimer

This Advisory has been prepared by AusCERT for the Department of Broadband, Communications and the Digital Economy.

The information is intended for used by home users and small to medium sized businesses and is general information only and not intended as advice and was accurate and up to date at the time of publishing. The material and information in this Advisory is not adapted to any particular person's circumstances and therefore cannot be relied upon to be of assistance in any particular case. In any important matter, you should seek professional advice relevant to your own circumstances.

The Commonwealth, AusCERT, and all other persons associated with this Advisory accept no responsibility or liability for information either included or referred to in the Advisory. No responsibility or liability is accepted for any damage, loss or expense incurred as a result of the information contained in the Advisory, whether by way of negligence or otherwise.

The listing of a person or organisation in any part of this site or Advisory does not imply any form of endorsement by the Commonwealth of the products or services provided by that person or organisation. Similarly, links to other web sites have been inserted for your convenience and do not constitute endorsement of material at those sites, or any associated organisation, product or service.

Please note that material in this Advisory, as the case may be, includes views or recommendations of third parties, which do not necessarily reflect the views of the Commonwealth, or indicate its commitment to particular course of action. Material on this site or in this Advisory may also include information provided by third parties. The Commonwealth cannot verify the accuracy of information that has been provided by third parties.

		SEARCH
Home Advisories Alerts Newsletters Subscribe or Log In Visit Stay Smart Online	Larger text Smaller text You are here: Stay Smart Online Alert Service > Client applications > Sun Java update released to fix several security bugs - SSO-AL2009-039 Sun Java update released to fix several security bugs - SSO-AL2009-039 05 August 2009 Software and platforms affected The following software is affected Sun Java Runtime Environment (versions prior to JRE 6 Update 15) for the following operating system platforms: Microsoft Windows (any) Linux (any) What is the problem? There are several bugs in the Sun Java Runtime Environment (JRE) if not fixed could result in your computer being attacked by criminals. Your personal and/or business information may be accessed for fraudulent or illegal purposes. It is also possible your computer may crash and become unusable. The Java Runtime Environment is software that allows you to run a variety of different software programs on different types of computer platforms or devices. The software works in the background of most computers and you may not realise it is installed. What we recommend you do The current version of the JRE is version 6, update 15 (1.6.0_15). The easiest way to update this software is to do so via the "Update Now" button in the Java program, if it is already installed. If you use Microsoft Windows, you can see if JRE is installed by: 1 - Click on the "Start" menu (usually on the bottom left hand side of the screen) 2 - Select "Control Panel" (If you use Windows Vista, select classical view) 3 - Look for the "Java" icon or menu name, if "Java" is listed then it is installed on your computer. Open it up by double clicking on it. 4 - Select the "Update" tab within the "Java Control Panel" program. 5 - Click the "Update Now" button. You will need to do this from an account that has administrative privileges. Alternatively, you can update to the latest version of the JRE by downloading and installing the updates recommended by Sun from: https://cds.sun.com/is-bin/INTERSHOP.enfinity/WFS/CDS-CDS_Developer-Site/en_US/-/USD/ViewProductDetail-Start?ProductRef=jre-6u15-oth-JPR@CDS-CDS_Developer Where you can find more information Information about the bugs can be found here: http://java.sun.com/javase/6/webnotes/6u15.html Disclaimer This Advisory has been prepared by AusCERT for the Department of Broadband, Communications and the Digital Economy. The information is intended for used by home users and small to medium sized businesses and is general information only and not intended as advice and was accurate and up to date at the time of publishing. The material and information in this Advisory is not adapted to any particular person's circumstances and therefore cannot be relied upon to be of assistance in any particular case. In any important matter, you should seek professional advice relevant to your own circumstances. The Commonwealth, AusCERT, and all other persons associated with this Advisory accept no responsibility or liability for information either included or referred to in the Advisory. No responsibility or liability is accepted for any damage, loss or expense incurred as a result of the information contained in the Advisory, whether by way of negligence or otherwise. The listing of a person or organisation in any part of this site or Advisory does not imply any form of endorsement by the Commonwealth of the products or services provided by that person or organisation. Similarly, links to other web sites have been inserted for your convenience and do not constitute endorsement of material at those sites, or any associated organisation, product or service. Please note that material in this Advisory, as the case may be, includes views or recommendations of third parties, which do not necessarily reflect the views of the Commonwealth, or indicate its commitment to particular course of action. Material on this site or in this Advisory may also include information provided by third parties. The Commonwealth cannot verify the accuracy of information that has been provided by third parties.
	Last Updated: 2009-08-05 Copyright \| Privacy \| Disclaimer