The discontinued set of Cobalt servers have been struck another blow with the news of a second "extremely critical" security hole in as many months.

The latest hole allows for remote system access. Sun has not gone into any further details but has issued a patch. At the same time, another patch fixes other less critical vulnerabilities that could be used to gain higher privileges on a system.

This hole comes on top of another in February, which again allowed for system access from a remote location. That time another three less-critical patches were released at the same time. And in January, yet another "highly critical" hole was found, combined with two others. See here for a full list of problems.

None of this looks good for the thousands of companies running Cobalt servers for web hosting and development environments.

Sun chose the Christmas period to announce it would no longer support the Cobalt servers but has vowed to provide support for them for three years.