Jump to content
brucefidalgo

Attackers Pounce On Zero-Day Java Exploit

Recommended Posts

I was pretty sure I didn't but I did check my Firefox browser and I don't have the Java plugin installed. I think my roomy's old XP machine has the Java plugin though. That's something I'm definitely going to look into. Thanks for the heads up on this new Java exploit Bruce.

Share this post


Link to post
Share on other sites

I was pretty sure I didn't but I did check my Firefox browser and I don't have the Java plugin installed. I think my roomy's old XP machine has the Java plugin though. That's something I'm definitely going to look into. Thanks for the heads up on this new Java exploit Bruce.

i turned off javaScript in chrome but could not get into my gmail so i turned it back on again. i sandboxed Java in comodo def+ but don't know if this will protect me..Javascript is not Java so does not need to be turned off..

Share this post


Link to post
Share on other sites

If it's sandboxed then no permanent changes to your system should take place as long as it remains that way. Do you still have access to your email client with Java sandboxed? I was also wondering how well the NoScript add-on would protect you against this type of exploit? NoScript gives you pretty much total control over which applets you choose to let load including Java scripts on a site by site basis. So I think that would give you some protection.

Share this post


Link to post
Share on other sites

Wow! Oracle usually doesn't release updates other than their own planed release schedule so you know this is not the norm. It's good they're addressing this issue sooner than later in this instance in my opinion.

Share this post


Link to post
Share on other sites

Wow! Oracle usually doesn't release updates other than their own planed release schedule so you know this is not the norm. It's good they're addressing this issue sooner than later in this is instance in my opinion.

After i saw this i installed java again and sandboxed it with def+ during install just to play around with it. A few hours later i uninstalled it aqain because i don't think i need it and if i play in a snake pit a might get bitten..lol

Share this post


Link to post
Share on other sites

You know there's not a lot of sites that require the Java plugin to be installed to function properly actually. One site that does require it that I know of is the NOAA Weather radar site to load the animated weather data.

Share this post


Link to post
Share on other sites

Even though Oracle issued a security update for Java 7 runtime it has been found to still contain vulnerabilities. Click here for more details. So I guess it's back to the drawing board for Oracle.

Share this post


Link to post
Share on other sites

Even though Oracle issued a security update for Java 7 runtime it has been found to still contain vulnerabilities. Click here for more details. So I guess it's back to the drawing board for Oracle.

i thought this would happen that more security holes would be found. it looks like it will always be this way with java.

Share this post


Link to post
Share on other sites
http://nakedsecurity.sophos.com/2012/09/03/java-security-hole-microsoft/?utm_source=facebook&utm_medium=status+message&utm_campaign=naked+security ...Online scammers are using a recent email from Microsoft as bait in a widespread spam campaign that exploits vulnerabilities in Oracle’s Java software to install malicious programs on vulnerable systems.

Share this post


Link to post
Share on other sites

This situation is going from bad to worse! It didn't take very long at all for someone to find a way to exploit the latest vulnerabilities in Java 7.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...

×
×
  • Create New...