Sun Microsystems has warned of a security hole in Java that could allow hackers to infiltrate Java environments and execute unauthorised commands.
According to a security bulletin issued by the company this week, Sun said certain versions of the Java Runtime Environment (JRE) could allow malicious Java code to run unauthorised commands.
However, since JRE's default setting prevents unauthorised commands, Sun claimed the exploitation of the vulnerability would be rare.
"It is like leaving your house door open. The default is for you to lock it, but if you leave it open, anyone could get in," said a spokesman, who explained that the flaw could be exploited if permission to execute at least one command is granted.
According to Sun, there have been no reported instances of the hole being exploited but that JRE and Java Developer Kit versions 1.2.2_005 and 1.2.1_003, and earlier releases, could be affected.
The company also warned that the flaw could be exploited in Java implementations from its licencees but said a remedy has been made available to them. However, Sun said Netscape Navigator and Microsoft Internet Explorer, which use Java technology, are not exposed to the vulnerability.
Could be used for everything from search-and-rescue robots to wearable tech
Don't require the rare material being mined from the mountains of South America
IBM hopes that its new tool will avoid bias in artificial intelligence
Found by calculating the strength of the material deep inside the crust of neutron stars