Major Security Hole In Java

threegee · August 29, 2012

This one seems VERY serious, and you are doubtless going to hear a lot more about it when the media gets hold of the news:

http://www.theregist..._block_exploit/

The recommendation is to disable Java on your Windows computers right now! Instructions for Firefox are here. Other browsers will have a similar mechanism for disabling it.

Update: Someone asked me how to disable Java in MS Internet Explorer. See Here

John Fox (foxy) · September 3, 2012

I've just got a pop up saying Java Update now available should I install it or not? I'm not sure what this is about

Edited September 3, 2012 by foxy

keith lockey · September 3, 2012

I've just got a pop up saying Java Update now available should I install it or not? I'm not sure what this is about

I've just got one as well. I cancelled it until I can find out more.

threegee · September 4, 2012

That would seem to be the usual update, for some strange reason a full six weeks earlier than scheduled!

http://www.java.com/...d/installed.jsp

So... seems to be the way to go.

mercuryg · September 5, 2012

I thought you were talking about the island.

threegee · September 5, 2012

...except...

...the security certificate on the copy my computer has downloaded here has already expired! It says expiry â€Ž15 â€ŽJuly â€Ž2012 01:59:59! Really really bright Sun Microsystems, you send out a highly critical update to hundreds of millions of people, and sign it with a duff certificate! :rolleyes:

If other things had the same level of quality control as software I'd be retiring to a dessert island, or finding a deserted mountain top somewhere in Patagonia.

Malcolm Robinson · September 27, 2012

http://uk.news.yahoo.com/pc-security-flaw-leaves-a-billion-users-at-risk-of-cyber-attack.html

threegee · January 15, 2013

...and again!

Department of Homeland Security: Disable Java 'Unless It Is Absolutely Necessary'

Only about 5 months behind the curve, but the security services get there eventually!

Java 7 Update 10 and earlier contain an unspecified vulnerability that can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. This and previous Java vulnerabilities have been widely targeted by attackers, and new Java vulnerabilities are likely to be discovered.
Oracle has not answered repeated requests for comment.

Apple no longer ships its machines with Java enabled by default

There is now even a warning in the Firefox Add-in Manager:

Sign In

Major Security Hole In Java

Recommended Posts

threegee

John Fox (foxy)

keith lockey

threegee

mercuryg

threegee

Malcolm Robinson

threegee

Create a free account or sign in to comment

Create an account

Sign in

Latest News

Latest Topics

Info

Become a Supporting Member