Java SE 6 Update 20 Released: Important Security Update Inside


News: Java SE 6 Update 20 Released: Important Security Update Inside

  1. Sun has released update 20 of the Java 6 Standard Edition.

    You get somewhat mixed emotions on this, because, on the one hand, Oracle assured everyone that there really was nothing to worry about with regards to the recently identified security flaw in the Java Web Start tooling, and that they wouldn't be issuing any immediate updates. And then, all of a sudden, they release a new update that seems to address that very problem, demonstrating that it was indeed something serious and needed to be taken care of immediately.

    What do they say? It's never the crime, so much as the cover-up? Not that there's a big cover-up here, but it does seem that Oracle was a tad disingenuous with how serious they were about addressing this security problem. 

    Ryan Naraine from calls it an about-face:

    "The about-face by Sun is another sign that some big vendors still struggle to understand the importance of working closely with white hat researchers to understand the implications of certain vulnerabilities.  In this case, Google’s Ormandy was forced to use the full-disclosure weapon to force the vendor into a proper response."

    Well, the update is out. Get ready for a bunch of annoying little messages poping out of the lower right-hand corner of your Windows desktop informing you of a new update that the Java Update Scheduler wants to install. And it looks like you better install it.

    Threaded Messages (2)

  2. Proof of Java life?[ Go to top ]

    Notice how actionscript comunity was upset about it does not run on iPad.
    And Mono, Unity.

    Java... no one cares to run on iPad.

    Java is dead on the client?
  3. Sun? Really?[ Go to top ]

    Why is Sun even mentioned here?  Its Oracle.  Sun is dead.  The oracle suits probably started invading and had a hand in operations long before the "public" announcement of the finalized deal.