Java is Insecure and Awful, It’s Time to Disable It, and Here’s How

M

MowGreen

Andrew said:
Oracle posted an updated version today (Aug 30).


Perhaps it resolved these vulnerabilities ... perhaps not !

Researchers find critical vulnerability in Java 7 patch hours after release
http://www.cio.com/article/715219/R...erability_in_Java_7_patch_hours_after_release

" Security researchers from Poland-based security firm Security
Explorations claim to have discovered a vulnerability in the Java 7
security update released Thursday that can be exploited to escape the
Java sandbox and execute arbitrary code on the underlying system.

Security Explorations sent a report about the vulnerability to Oracle on
Friday together with a proof-of-concept exploit, Adam Gowdiak, the
security company's founder and CEO said Friday via email.

The company doesn't plan to release any technical details about the
vulnerability publicly until Oracle addresses it, Gowdiak said.
<snip>

Based on the experience of Security Explorations researchers with
hunting for Java vulnerabilities so far, Java 6 has better security than
Java 7. "Java 7 was surprisingly much easier for us to break," Gowdiak
said. "For Java 6, we didn't manage to achieve a full sandbox
compromise, except for the issue discovered in Apple Quicktime for Java
software."

Gowdiak has echoed what many security researchers have said before: If
you don't need Java, uninstall it from your system. "


Ouch !


MowGreen
================
*-343-* FDNY
Never Forgotten
================
 
Y

Yousuf Khan

<http://www.howtogeek.com/122934/jav...wsletter&utm_medium=email&utm_campaign=290812>


As usual, there’s yet another security hole in the Java Runtime
Environment, and if you don’t disable your Java plugin, you’re at risk
for being infected with malware. Here’s how to do it.
My Firefox usually disables most versions of the Java runtime plugin
anyways. Never miss it on websites, but it's still useful in a local
environment, as I have some Java apps that run locally.

Yousuf Khan
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads


Top