Reported August 21, 2000 by Microsoft
- Microsoft Java VM Series 2000, 3100, 3200, 3300 (installed with Internet Explorer 4.x and 5.x)
By design, the browser-based Java VM runs untrusted Java applets within a security sandbox that restricts the applet's access to user's system. However, a flaw in the sandbox design could allow a Web site operator to use a visiting user's credentials to gain access to protected data.
To determine your Java VM version open a command window and enter the command "jview", which will display the version number.
According to Microsoft's bulletin,
- All 2000 series Microsoft VM customers should install Microsoft VM build 2446
- All 3100 series Microsoft VM customers
should upgrade to build 3309 and install the 3314
3200 series Microsoft VM customers should do
one of the following:
- All 3300 series Microsoft VM customers should install the 3314 security patch
Discovered by Microsoft