On November 7, in a security notice, Canonical published details about an Icedtea-Web vulnerability for its Ubuntu 12.10, Ubuntu 12.04 LTS, Ubuntu 11.10, Ubuntu 11.04, and Ubuntu 10.04 LTS operating systems.
According to Canonical, the Icedtea-Web plugin could have been made to crash or run programs as your login if it opened a specially crafted web page.
It was discovered that if a user was tricked into opening a malicious website, an attacker could have caused the plugin to crash or possibly execute arbitrary code, as the user invoking the program.
For a more detailed description of the security problems, you can visit Canonical's security
notification.
Users can simply fix the security flaws by upgrading the operating systems to the latest icedtea-7-plugin and icedtea-6-plugin, specific to each distribution.
A normal system update, executed with the Update Manager, will implement all the necessary changes. A complete system restart is not necessary.
Find us on Google+
No user comments yet.
Be the first to express your opinion!
