Oracle Releases Sun Java SE 1.6.0_20

Oracle has released Sun Java SE 1.6.0_20 to address several vulnerabilities. The release notes for this version of Java SE indicate that these vulnerabilities are in Java Deployment Toolkit and the new Java Plug-in. Exploitation of these vulnerabilities may allow a remote, unauthenticated attacker to execute arbitrary code.

US-CERT encourages users and administrators to review the following documents and apply any necessary updates or workarounds to help mitigate the risks:

Oracle security alert CVE-2010-0886
Sun Java SE 1.6.0_20 release notes
US-CERT Vulnerability Note VU#886582

Please note that web browsers using the plug-in version of the Java Deployment Toolkit may not be properly updated. Users of these web browsers should follow the workaround provided in US-CERT Vulnerability Note VU#886582.

This product is provided subject to this Notification and this Privacy & Use policy.

Oracle Releases Sun Java SE 1.6.0_20

Please share your thoughts

CISA Releases Eight Industrial Control Systems Advisories

Cisco Releases Security Updates Addressing ArcaneDoor, Vulnerabilities in Cisco Firewall Platforms

CISA Adds Three Known Exploited Vulnerabilities to Catalog

CISA Adds One Known Exploited Vulnerability to Catalog

Oracle Releases Sun Java SE 1.6.0_20

Please share your thoughts

Related Advisories

CISA Releases Eight Industrial Control Systems Advisories

Cisco Releases Security Updates Addressing ArcaneDoor, Vulnerabilities in Cisco Firewall Platforms

CISA Adds Three Known Exploited Vulnerabilities to Catalog

CISA Adds One Known Exploited Vulnerability to Catalog