New Java 7 exploit discovered! - Patch available now.
Wednesday, August 29, 2012 by coffeegrinder | Discussion: Personal Computing
New Java 7 exploit allows hackers to install malware on Windows, Mac OS X, and Linux; only fix currently is to disable Java.
Read about it here :-
 |
|
Page 1 of 2 | |
|
|---|
Reply #2 Wednesday, August 29, 2012 6:11 AM
Good work, coffeegrinder! 
How to disable Java by browser:
http://blog.markloiseau.com/2012/03/psa-disable-java-in-your-browser/
How to disable Java in your Mac Web Browser:
http://www.maclife.com/article/howtos/how_disable_java_your_mac_web_browser
I do expect Oracle will come up with an emergency fix before their planned October update.
Reply #4 Wednesday, August 29, 2012 8:56 AM
Interesting, I check my Plugins in Firefox 15.0 and my version of Java is 6 and it says there is no update available. It says JAVA(TM) Platform SE 6 U33 6.0.330.3. I don't think that is the JAVA plugin I should be concerned with?
Reply #7 Wednesday, August 29, 2012 12:10 PM
Okay, I just went and disable Java. Thank you
Reply #8 Wednesday, August 29, 2012 12:24 PM
It appears you are OK (more or less) if you've not updated Java to 7 - my browsers are still at 6.x. As long as Java's not set to auto-update should be safe.
Reply #10 Wednesday, August 29, 2012 4:53 PM
I have Java Deployment Toolkit 6.02.200.2 enabled
Platform SE 6 U20 6.2.00.2 is disabled
Reply #12 Wednesday, August 29, 2012 5:44 PM
Two words for Firefox users
No Script!
It is the best addon, it disables flash and java, and allows you to train it and set up exactly what sites you allow through and what sites you don't, once you train it, which can be time consuming, it's awesome.
-Æ
Reply #13 Wednesday, August 29, 2012 6:12 PM
I love NoScript, too, but it's not for the casual user (e.g., my wife - it only serves to frustrate the begeezus out of her) or the faint of computer.
Reply #15 Thursday, August 30, 2012 5:04 AM
It is now being reported that a tech security firm alerted Oracle about the vulnerability four months ago.
Reply #16 Thursday, August 30, 2012 5:27 AM
Well, MS and Adobe behave in much the same way: If it ain't on fire, take your time.
Well, they might well have shot us (some of us, anyway) in the foot.
Glad you brought this up coffeegrinder! I missed it.
Reply #18 Thursday, August 30, 2012 5:58 AM
Uvah... I'd just leave it alone. You can always pm yrag to ask the same question. Nothing urgent about it at the moment, though....as far as I can see.
Reply #19 Thursday, August 30, 2012 6:24 PM
Oracle has released the patch for this vulnerability: http://reviews.cnet.com/8301-13727_7-57503787-263/oracle-patches-java-7-vulnerability/
http://www.oracle.com/technetwork/java/javase/downloads/index-jsp-138363.html
For W7x64:
http://www.oracle.com/technetwork/java/javase/downloads/jdk7u7-downloads-1836413.html
See my post here:
https://forums.wincustomize.com/430436
Please login to comment and/or vote for this skin.
Welcome Guest! Please take the time to register with us.
There are many great features available to you once you register, including:
- Richer content, access to many features that are disabled for guests like commenting on the forums and downloading skins.
- Access to a great community, with a massive database of many, many areas of interest.
- Access to contests & subscription offers like exclusive emails.
- It's simple, and FREE!
|
|
Page 1 of 2 | |
|
|---|
Reply #1 Wednesday, August 29, 2012 4:21 AM
Went to disable it in Firefox but it was already disabled since the 14th of August for what I assume is another exploit? Gotta love Firefox notifying me and disabling bad shit.