Jump to content

Attackers Pounce On Zero-Day Java Exploit


brucefidalgo

Recommended Posts

I was pretty sure I didn't but I did check my Firefox browser and I don't have the Java plugin installed. I think my roomy's old XP machine has the Java plugin though. That's something I'm definitely going to look into. Thanks for the heads up on this new Java exploit Bruce.

Link to comment
Share on other sites

I was pretty sure I didn't but I did check my Firefox browser and I don't have the Java plugin installed. I think my roomy's old XP machine has the Java plugin though. That's something I'm definitely going to look into. Thanks for the heads up on this new Java exploit Bruce.

i turned off javaScript in chrome but could not get into my gmail so i turned it back on again. i sandboxed Java in comodo def+ but don't know if this will protect me..Javascript is not Java so does not need to be turned off..

Link to comment
Share on other sites

If it's sandboxed then no permanent changes to your system should take place as long as it remains that way. Do you still have access to your email client with Java sandboxed? I was also wondering how well the NoScript add-on would protect you against this type of exploit? NoScript gives you pretty much total control over which applets you choose to let load including Java scripts on a site by site basis. So I think that would give you some protection.

Link to comment
Share on other sites

Wow! Oracle usually doesn't release updates other than their own planed release schedule so you know this is not the norm. It's good they're addressing this issue sooner than later in this is instance in my opinion.

After i saw this i installed java again and sandboxed it with def+ during install just to play around with it. A few hours later i uninstalled it aqain because i don't think i need it and if i play in a snake pit a might get bitten..lol

Link to comment
Share on other sites

Even though Oracle issued a security update for Java 7 runtime it has been found to still contain vulnerabilities. Click here for more details. So I guess it's back to the drawing board for Oracle.

i thought this would happen that more security holes would be found. it looks like it will always be this way with java.
Link to comment
Share on other sites

http://nakedsecurity.sophos.com/2012/09/03/java-security-hole-microsoft/?utm_source=facebook&utm_medium=status+message&utm_campaign=naked+security ...Online scammers are using a recent email from Microsoft as bait in a widespread spam campaign that exploits vulnerabilities in Oracle’s Java software to install malicious programs on vulnerable systems.
Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...