Update 24 of Java 6 has now been released to fix the recently disclosed floating point bug.
When converting the literal "2.2250738585072012e-308" into a floating point number in Java, the bug caused an endless loop that resulted in a full CPU load.
Oracle had apparently known of the flaw for some time and had, after numerous media reports about the hole, provided a hotfix which users were advised to install because information on how to exploit the vulnerability was already freely available.
The hole, which had previously been found in the PHP scripting language, affected both the Java Standard Edition (Java SE) and Java for Business in the current and all previous versions of the Java Development Kit (JDK), and the Java Runtime Environment (JRE) 6, 5 and 1.4. Oracle has also taken the opportunity to updated the bundled Java DB database to the latest version (Java DB 10.6.2.1)
Return to internet news headlines
View Internet News Archive