Sun Microsystems is moving quickly to provide a fix for a security flaw in Java, which allows hackers to pose as trusted publishers to gain access to systems.
The flaw, exposed by researchers at Princeton University, lies in version 1.1.1 of the Java Development Kit, which does not subject applets from ?trusted? publishers - denoted by a digital signature - to normal security checks. Sun?s HotJava browser also contains the loophole.
The Princeton Safe Internet Programming team posted a warning of the security breach on its Web site on Tuesday. "The flaw we found allows an applet to change the system?s idea of who signed it," according to the warning notice.
"The applet can get a list of all signers known to the local system, determine which of those signers is trusted, and then the applet can re-label itself so it appears to have been signed by a trusted signer," it explains.
The Princeton team said it would release more details of the flaw once Sun has posted a fix for it, which according to the company, should be ready on Thursday. Release 1.1.2 of JDK is scheduled for release next month.
J1043+2408 was observed for more than 10 years, and its radio light curve exhibited a periodic signal repeating in about 563 days
Success of Unity's test flight means Virgin Galactic is now close to taking its first paying tourist into space
V3 puts the pro-level football GPS tracker through its paces, and asks if it's more than a gimmick
Finding refutes many earlier studies that suggest that galaxies don't have much dark matter at the time of their birth