Current Activity - Oracle Releases Sun Java SE 1.6.0_20

[Current Activity <us-cert () us-cert gov>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

US-CERT Current Activity

Oracle Releases Sun Java SE 1.6.0_20

Original release date: April 16, 2010 at 9:13 am
Last revised: April 16, 2010 at 4:55 pm


Oracle has released Sun Java SE 1.6.0_20 to address several
vulnerabilities. The release notes for this version of Java SE
indicate that these vulnerabilities are in Java Deployment Toolkit and
the new Java Plug-in. Exploitation of these vulnerabilities may allow
a remote, unauthenticated attacker to execute arbitrary code.

US-CERT encourages users and administrators to review the following
documents and apply any necessary updates or workarounds to help
mitigate the risks:
  * Oracle security alert CVE-2010-0886
  * Sun Java SE 1.6.0_20 release notes
  * US-CERT Vulnerability Note VU#886582

Please note that web browsers using the plug-in version of the Java
Deployment Toolkit may not be properly updated. Users of these web
browsers should follow the workaround provided in US-CERT
Vulnerability Note VU#886582.

Relevant Url(s):
<http://java.sun.com/javase/6/webnotes/6u20.html>

<http://www.oracle.com/technology/deploy/security/alerts/alert-cve-2010-0886.html>

<http://www.kb.cert.org/vuls/id/886582>

====
This entry is available at
http://www.us-cert.gov/current/index.html#oracle_releases_sun_java_se

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iQEVAwUBS8jQPz6pPKYJORa3AQJV9ggAsUbQ4TqZwZiJV4cPF32anBkSfRcmZIBl
ZEoIXNlT2IA9GHZR4QVra4WPOyNsgJTWO6V/T/9NXsiJKTXg3/PWoalwm4EmgiUS
tllZKyoOMA5aTKiqep0k5wS/uIHJDjxhzfhfM8/r7UWTIBOnuwKOeDp+60X9Zmzd
yuCPpKwGgmb0liSd6lQ452UcqH0FVKa3VVd/rxf7CNsSBSXppHFbe4lSpHB1ZYQe
2FMQKVOIFnxEYdsIrVqd3LrNehcb0R9S2c3rzDaXo0cmvfIT/cZgIVxaFvezzrqj
5CRoAMhEPSnyXsJCq0Js5bWCtH4wAK6l2K3uHoY2pEymzgNr5q585Q==
=4l/x
-----END PGP SIGNATURE-----