ZDNet: Tech Update: Security / The biggest flaw you never saw
A few days ago, Microsoft announced a security hole in its version of the Java Virtual Machine (JVM). According to reports at the time, malicious code could be installed into the JVM that could report what Web sites had been visited or what names and passwords you'd entered. The reports were partly wrong.
First of all, the JVM vulnerability wasn't limited to Microsoft; it covered all JVMs, across many operating systems and distributions. The risk was therefore a lot greater than the reports would indicate. Second, by the time you heard about the problem, it was already fixed; Microsoft, Sun, and every other vendor that was distributing JVM code had already received the patches, integrated them, and had made them available to its users.
No comments:
Post a Comment