Internet Explorer and Netscape Communicator, the two leading web browsers, last week fell victim to a new security hole in Java, further undermining confidence in the Sun platform.
The bug affects implementations of the Java Virtual Machine (JVM) in the Microsoft and Netscape browsers. It can infiltrate corporate firewalls and allow a Java applet to steal image files and Java classes from any web server, even one on a corporate intranet, without the user's permission.
According to Ben Mesander, the US Java developer who found the bug, the security manager in web browsers should prevent such downloads from occurring.
However, he claims that is not the case and image files and Java classes could pass through a company firewall in both IE and Communicator.
Microsoft claims the bug poses very little threat to users, saying a hacker would need to know intimate details about the images and class files he wanted to steal. However, Mesander argues it would not be too difficult for a determined individual to find the name of such files.
The bug affects both the current and the forthcoming 4.0 release of IE.
Mike Pryke-Smith, product manager for developer tools at Microsoft, confirmed the company was working on a fix.
After first denying there was a problem with its browser, Netscape later posted a fix on its web site.
Allen died from complications of non-Hodgkin's lymphoma
Stanford researchers made the discovery via data from Greenland
Created via a thin, flexible, and transparent hierarchical nanocomposite film
Rolls Royce will use AI powered by Intel's Xeon Gold processors and SSDs for memory