
No Java fix in Mac OS X 10.5.7

Opinion and Analysis

In a nutshell, it works by deserialising a maliciously crafted Calendar object in a way that delivers a routine that can be used to define classes with arbitrary privileges.

(See Tinnes' blog for a more detailed description.)

The important point that he makes is that a reliable exploit can be written in Java ("mine is over 500 lines but you can make a simpler version"), and it will work regardless of the hardware, operating system or browser. No platform-specific machine code is needed.

"This is close to the holy grail of client-side vulnerabilities," he claimed.

The specific vulnerability used in the example has been patched by Sun, but survives in Java for Mac OS X.

"I believe that since this vulnerability has already been public for almost 6 months, making MacOS X users aware that Java needs to be disabled in their browser is the good thing to do," he wrote.

Tinnes recommends Mac OS X users disable Java in their web browsers.

Tinnes isn't the only one raising the alarm - please read on.


