Sun Updates for Multiple Vulnerabilities in Java
- Sun Java
- Most web browsers
In order to use certain web site features, you may have downloaded and installed Sun Java software. Vulnerabilities in Sun Java could allow an attacker to gain control of your computer.
If you have Sun Java installed, then you should apply updates from Sun to remedy these vulnerabilities. Follow these instructions to update your version of Java:
- From the Start menu, open the Control Panel.
- Open the Java Control Panel by clicking the Java icon.
- Select the Update tab and click the Update Now button. (If you do not see an Update tab, your version of Java does not support updates, or you must log in as an Administrator.)
We also recommend enabling Automatic Updates for Java. To enable Automatic Updates for Java, select the Check for Updates Automatically check box in the Update tab of the Java Control Panel.
Note: Java version 1.3 does not provide Automatic Updates; you must update manually. To manually update Java, refer to the Java Downloads web page.
If you install the latest version of Java, older versions of Java may remain installed on your computer. If these versions of Java are not needed, you may wish to remove them. For instructions on how to remove older versions of Java, refer to the following instructions from Sun.
Turn off Java in the Web BrowserTurning off Java in your web browser will prevent attackers from using this vulnerability to take control of your computer. For instructions on how to disable Java in your web browser, refer to the Securing Your Web Browser document.
Vulnerabilities in Sun Java may allow an attacker to access your computer, install and run malicious software on your computer, or cause it to crash. An attacker could exploit these vulnerabilities by convincing you to view a malicious web document.
For more technical information, see US-CERT Technical Alert TA07-022A.
- Technical Alert TA07-022A - <http://www.us-cert.gov/cas/techalerts/TA07-022A.html>
- Vulnerability Notes for Sun Java Vulnerabilities - <http://www.kb.cert.org/vuls/byid?searchview&query=VU%23388289,VU%23102289,VU%23149457,VU%23939609>
- Securing Your Web Browser - <http://www.us-cert.gov/reading_room/securing_browser/>
- Download Java Software - <http://java.com/download/index.jsp>
- Can I remove older versions of the JRE after installing a newer version? - <http://www.java.com/en/download/faq/5000070400.xml>
January 22, 2007: Initial release