Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: InfoSec Handlers Diary Blog InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Determining Sun Java Vulnerability

Published: 2005-12-01
Last Updated: 2005-12-01 20:43:18 UTC
by Robert Danford (Version: 1)
0 comment(s)
A number of folks in the community have written in describing their experiences determining if they are vulnerable to the Java issue mentioned previously.
It appears that depending on your platform/configuration the sunjavaupdate scheduler may not apply the updates or notify the end-user in a timely manner. It appears to check for updates on the one month anniversary of the original install. So it may not check again for quite some time.
The Sun Java download site will determine if an update is needed if you're using IE and ActiveX:
http://www.java.com/download/index.jsp

Also the JavaTester site details all the different methods for determining what if any JDK/JRE is installed:
http://javatester.org/version.html

Also be aware many systems accumulate Java versions over time so you may have more than one installed.

Keywords:
0 comment(s)
Diary Archives