They’re really hammering away at Sun Microsystems Inc’s Java and Netscape Communications Corp’s Navigator at Princeton, and a team of Princeton University researchers said they have now discovered another security weakness in Java, described as the most serious flaw yet. The team told the Wall Street Journal that unscrupulous people that discovered the flaw could boobytrap a Web page on the Internet, and seize control of the browser software of any machine that logged into that page, and thereby start wreaking havoc on the user’s computer. Sun acknowledges that it is a serious bug, and says that it is already testing a software fix and hopes to distribute it to Netscape and other users in about two days. It notes that problems so far have been correctable details in the way the Java code is written, and not problems with its basic design.
