Microsoft Java VM bitten by security bug

According to the Princeton Secure Internet Programming Team, a group of security experts, a flaw in Microsoft's Java Virtual Machine (JVM) could potentially give hackers access to user's systems

Paul Thurrott

August 30, 1999

1 Min Read
ITPro Today logo in a gray background | ITPro Today

According to the Princeton Secure Internet Programming Team, a group of security experts, a flaw in Microsoft's Java Virtual Machine (JVM) could potentially give hackers access to user's systems over the Internet. The bug, which affects Internet Explorer 4.0 and 5.0, as well as other products, allows hackers to view, modify, or delete files on the user's system. They could also conceivably copy a virus or other destructive program to the machine.

"The bug is in Microsoft's Java virtual machine, so any software that could take Java code off the Net and feed it to that virtual machine would be vulnerable," said Ed Felten, associate professor of computer science at Princeton University. Felten's claim to fame, of course, was his "IE removal program," which was thrust into the limelight during the Microsoft antitrust trial.

When Felton's group alerted Microsoft to the problem, the company responded by issuing a patch that eliminates the vulnerability. You can find out more, and download the patch, from the Microsoft Web site.

Microsoft will issue the patched version of the JVM in future products, such as Internet Explorer 5.01 and Windows 2000.

"We are unaware of anyone that has been affected by this issue, but encourage users to download the update to ensure they are protected," a Microsoft spokesperson said

Read more about:

Microsoft

About the Author

Paul Thurrott

Paul Thurrott is senior technical analyst for Windows IT Pro. He writes the SuperSite for Windows, a weekly editorial for Windows IT Pro UPDATE, and a daily Windows news and information newsletter called WinInfo Daily UPDATE.

Sign up for the ITPro Today newsletter
Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.

You May Also Like