[Info] Turn off your Java now - Dangerous vulnerability

Forum for anything else which doesn't fit in the above forums. Site feedback, random talk, whatever, are welcome.
Post Reply
User avatar
ELiTE
Posts: 12884
Joined: Sun Apr 08, 2007 8:33 pm
Location: Canada

[Info] Turn off your Java now - Dangerous vulnerability

Post by ELiTE » Fri Jan 11, 2013 11:13 am

Turn off your Java browser plugins now - Dangerous vulnerability in latest version Java 7 Update 10

http://majorgeeks.com/story.php?id=37214
By downloading an ELiTE Switchless Installer Addon you, the End User, agree to abide by any Terms of Use prescribed by the Freeware App contained within.

User avatar
5eraph
Site Admin
Posts: 4618
Joined: Tue Jul 05, 2005 9:38 pm
Location: Riverview, MI USA

Post by 5eraph » Fri Jan 11, 2013 3:51 pm

Thanks, ELiTE. :)

User avatar
ricktendo64
Posts: 3213
Joined: Mon May 22, 2006 12:27 am
Location: Honduras

Post by ricktendo64 » Fri Jan 11, 2013 5:16 pm

I no longer install Java, never use it

User avatar
mooms
Posts: 790
Joined: Wed Aug 27, 2008 1:29 pm
Location: France

Post by mooms » Fri Jan 11, 2013 8:15 pm

ricktendo64 wrote:I no longer install Java, never use it
Same here, but thanks for the info Elite.

long-lurker
Posts: 177
Joined: Thu Nov 22, 2012 10:17 am

Post by long-lurker » Sat Jan 12, 2013 6:44 am

many thanks indeed...

as a side note, i *highly* recommend a 'web filter' program called "Proxomitron" as a way to combat vulnerabilities like this...

it sits "between" your web browser (ANY web browser) and "filters" the HTML "code" before your web browser can "render" the code...

User avatar
ELiTE
Posts: 12884
Joined: Sun Apr 08, 2007 8:33 pm
Location: Canada

Post by ELiTE » Sat Jan 12, 2013 9:53 pm

Another update to this story:

Java plugins unplugged by Mozilla and Apple

http://majorgeeks.com/story.php?id=37242
By downloading an ELiTE Switchless Installer Addon you, the End User, agree to abide by any Terms of Use prescribed by the Freeware App contained within.

RicaNeaga
Posts: 221
Joined: Fri Apr 16, 2010 11:59 am

Post by RicaNeaga » Sun Jan 13, 2013 3:22 pm

This time Java was fast - Update 11 is out with the needed fix. Download it from here.

long-lurker
Posts: 177
Joined: Thu Nov 22, 2012 10:17 am

Post by long-lurker » Sun Jan 13, 2013 6:07 pm

MOST of these "vulnerabilities", while 'scary' and in need of "fixes", really don't need, contrary to popular misconception, "fixed" within SECONDS of their discovery...

the odds of so TINY of being "hit", you literally have to stand on your left foot, raise your right hand, use the right-handed mouse with your left hand, click the mouse button at the exact millisecond of a page load on a web page you knew better to go to in the first place, the moon phase must be just right, and the werewolves must be howling - ONLY if ALL criteria are fully met are you TRULY "vulnerable"...

but the whole anti-virus industry thrives so much on false misconceptions that the "masses" are SCARED TO DEATH to so much as play solitaire on their computers until a news-hyped Java vulnerability gets "fixed"...


but anywhooo...
doesn't mean that the 'fix' is not "important", but i digress...
what was the question again?

User avatar
ELiTE
Posts: 12884
Joined: Sun Apr 08, 2007 8:33 pm
Location: Canada

Post by ELiTE » Mon Jan 14, 2013 6:49 pm

And in closing as posted by RicaNeaga:

Fix for critical Java hole released

http://majorgeeks.com/story.php?id=37269
By downloading an ELiTE Switchless Installer Addon you, the End User, agree to abide by any Terms of Use prescribed by the Freeware App contained within.

User avatar
ELiTE
Posts: 12884
Joined: Sun Apr 08, 2007 8:33 pm
Location: Canada

Post by ELiTE » Mon Mar 04, 2013 4:41 pm

Java 6 Update 43 and Java 7 Update 17 now available fixing known vulnerabilities


Java update 17 is now available and includes security fixes… again. These vulnerabilities are not applicable to Java running on servers, standalone Java desktop applications or embedded Java applications, in other words they affect the end user.

These vulnerabilities may be remotely exploitable without authentication, i.e., they may be exploited over a network without the need for a username and password. For an exploit to be successful, an unsuspecting user running an affected release in a browser must visit a malicious web page that leverages these vulnerabilities. Successful exploits can impact the availability, integrity, and confidentiality of the user's system.

Oracle recommends everyone update ASAP if you are running Java 7 update 15 or older and Java 6, update 41 and older. Java SE fixes in this Security Alert are cumulative; this latest update includes all fixes from previous Critical Patch Updates and Security Alerts.

Java update 6 is available at http://www.oracle.com/technetwork/java/ ... 02815.html which gives you the options of downloading

Java update 7 is also available at http://java.com/en/download/index.jsp which will detect your operating system and offer you the correct version.

You can also be sure of the latest version via Majorgeeks at:

Version 6: http://www.majorgeeks.com/Sun_Java_Runt ... d4648.html
Version 7: http://www.majorgeeks.com/Sun_Java_Runt ... d7567.html
By downloading an ELiTE Switchless Installer Addon you, the End User, agree to abide by any Terms of Use prescribed by the Freeware App contained within.

Dibya
Posts: 467
Joined: Sat Sep 12, 2015 9:34 am
Location: India

Post by Dibya » Fri Nov 20, 2015 8:47 am

I never use Java Runtime Enviroment(JRE0. Java Devlopement Kit (JDK) is installed in my old pc which I never connect to web as netbean require jdk

Post Reply