Printable View
http://www.kb.cert.org/vuls/id/625617
FWIW--The link to the Oracle page says " For installations where the highest level of security is required, it is possible to entirely prevent any Java apps (signed or unsigned) from running in a browser by de-selecting Enable Java content in the browser in the Java Control Panel under the Security tab." I do not seem to have "Enable Java Content" in my Java Control Panel.
Opening the Java Control Panel from Windows Control Panel does not have the Security setting mentioned. You have to open the Java Control Panel from Start|and typing javacpl.exe " then Enter.
For Firefox users:
http://thenextweb.com/apps/2013/01/1...-on-blocklist/
Quote:
Mozilla on Friday announced it has added Java 7 Update 9, Java 7 Update 10, Java 6 Update 37, and Java 6 Update 38 to its Firefox add-on block list, following yesterday’s news of a new vulnerability.
Bah! I just uninstalled it. Haven't needed it in ages so it's gone. period.
So you just don't use web sites that require java?
'
If you go to a site that requires it how do you work around it?
Not sure what all is included in it?
when i go to start and type in javacpl.exe nothing comes up, win 7 hp 64 bit ff 18, java disabled in addons
Click Start, type in appwiz.cpl and press [Enter], uninstall Java.
If you find that you need it again, go to java.com and reinstall it.
Quote:
So you just don't use web sites that require java?
No, I don't. I used to occasionally visit sites that required java for stock market data/charting but most of those have switched to Flash for active/interactive content and I don't play any online games either.. another thing that sometimes req's Java. Of the many dozens of sites I visit regularly and the perhaps hundreds I visit briefly via links for news, opinion, info, photos, streaming, etc none require Java at all.
I can't think of the last time I went to a website that needed it and I have no installed programs/apps that need it either (not that there are a lot of those anyway)
This all is a bit confusing to me. I was able to disable JAVA in Chrome, but when I go to post messages in one site (CL), I cannot because it requires Java. I have to revert to IE9 to post messages.
So there seem to be some sites that require JAVA, but then the security warnings are to disable it. * Confused *
Why doesn't Opera have these Java issues?
This flaw only occurs in Java 7 so you should be safe with Java 6.
How to be as safe as possible with Java
http://blogs.computerworld.com/cyber...-possible-java
on my laptop win 7 hp 64 bit, using ff, in thr cont pnl, it shows java 6 ,update 37, ///i don't use IE, but it is on my pc, is it still vulnerable if i am not using it
Click Start, type in appwiz.cpl and press [Enter], uninstall Java./// i did this , and it brought it up in the ctrl pnl, but i found it there just by going to the ctrl pnl
so i should dump it ?
i haven't had the desk top booted since i read this article in the paper Friday on java//
tks
i try to be as careful as i can, and do not go to sites i have no interest in.,or do not need
i tried chrome once and didn't like it or opera, ff was my most likeable, what should i be using?
http://java.com/en/download/faq/chrome.xml
on this link it says java will install on chrome? contrary to that editors comments
Yes, you could be.Quote:
Originally Posted by egdufwollamhsram1851
Yes, there is usually more than one way to get to something in Windows.Quote:
Originally Posted by egdufwollamhsram1851
IMHO, yes. That's why I posted the instructions.Quote:
Originally Posted by egdufwollamhsram1851
Temporarily uninstall Java and you won't have to worry about it. They'll get it fixed eventually.Quote:
Originally Posted by egdufwollamhsram1851
Whichever one you like.Quote:
Originally Posted by egdufwollamhsram1851
I just tried installing Java from within Chrome and it worked fine. "Java Version 7 Update 11" showed up in appwiz.cpl so I removed it ... again.Quote:
Originally Posted by egdufwollamhsram1851
Quote:
Originally Posted by ecross
i think i miss stated " i have java 6 update 37" you said 6 is ok?
tks
did you see that web page where that editor said chrome did not use java?
That's not what they said. Please reread the page.Quote:
Originally Posted by egdufwollamhsram1851
what does this mean?
http://blogs.computerworld.com/cyber...-possible-java
Java is not available at all on iOS (iPhone, iPad) and
although it plays a big part n Android, the current issue is with Java from Oracle which
does not run on Android. The safest operating system, in my opinion, is Google's Chrome
OS which also does not support Java.
I think the confusion here is the difference between Chrome browser which runs in Windows and Chrome operating system which is a totally different thing.
The simplest thing is to just uninstall Java using add/remove programs and see if you miss or need it. Odds are that unless you're a big time player of online games you won't notice the difference.
Quote:
Originally Posted by fink
Bot it, sorry bout the confusion.
There was an update listed yesterday , if your not using it, maybe you did not see it?
tks
No, I didn't see it but I'm just going to leave it uninstalled since I still have not yet found any reason to have it.
There are a couple small games i do once in awhile, so i guess if i do those, i'll need it.
Tks
http://www.zdnet.com/security-expert...56/?s_cid=e539
i uninstalled it
tks
7u11 still has flaws. If you don't absolutely need Java, uninstall it.
https://threatpost.com/en_us/blogs/l...s-found-011813
Here's what I've done:
Went to Google and unchecked Java in the settings. In IE9 went to Tools/Manage Add-ons and disabled Java SSV helper. Went to Opera and unchecked Java.
Still showing in Control Panel/Programs: Java 7 update 10 & Java FX 2.1.1....and I get popups from jucheck.exe. So does this mean I still have Java installed?
For the past two weeks I have gotten two "phishing" emails from Citibank and a friend. And my A-V Webroot has caught and removed one threat, so I don't know if that had anything to do with Java insecurity.
Please give directions.
Yes. You would need to uninstall it from the Control Panel. What you did is merely disable the addon.Quote:
So does this mean I still have Java installed?
JavaRa does a good job of removing Java also.
http://singularlabs.com/news/javara-2-0-stable/
That's not a Java issue.Quote:
For the past two weeks I have gotten two "phishing" emails from Citibank and a friend. And my A-V Webroot has caught and removed one threat, so I don't know if that had anything to do with Java insecurity.
I removed it from cont pnl,, no issues since/// apparently not needed, the games i played still work//
----------------------------------------------------
In the cont pnl/ programs, there are 8 different items of Microsoft Virtual C++ Redisributable starting with 2005 to 2008, some say x86, and x 64, / every time there is an update those go in there and all are supposed to stay?
tks
Please stay on the topic next time. Or create a new thread for a different issue.
Virtual C++ is required for some applications. It depends on if the app is 32-bit or 64-bit as to which they will use. You would need to look at the requirements of your applications. If you aren't sure, then don't mess with it.
Security experts on Java: Fixing zero-day exploit could take 'two years'
Quote:
Summary: Amid growing concern over Java's security, Oracle released an emergency fix over the weekend. However, security professionals say that this measure doesn't go far enough.
sorryQuote:
Originally Posted by Midknyte
i thought about that, i had just been in to the ctrl pnl and was checking to see if java was still gone, and came across these c++ at the time i was replying to the java post,
sorry and tks
It's ok. I understand that you are concerned. Just keeping the ship on course.
Another Java zero-day exploit in the wild actively attacking targetsQuote:
Latest attacks used to surreptitiously install McRat trojan on victim machines.
by Dan Goodin - Mar 1 2013, 11:10am EST
Hackers are exploiting a previously unknown and currently unpatched vulnerability in the latest version of Java to surreptitiously infect targets with malware, security researchers said Thursday night.
The critical vulnerability is being exploited to install a remote-access trojan dubbed McRat, researchers from security firm FireEye warned. The attacks work against Java versions 1.6 Update 41 and 1.7 Update 15, which are the latest available releases of the widely used software. The attack is triggered when people with a vulnerable version of the Java browser plugin visit a website that has been booby-trapped with attack code. FireEye researchers Darien Kindlund and Yichong Lin said the exploit is being used against "multiple customers" and that they have "observed successful exploitation."
The security of Java is reaching near-crisis levels as reports of new in-the-wild exploits have become an almost weekly occurrence over the past few months.
[...continues...]
I removed it
tks