-
August 28th, 2012, 10:09 AM
#1
Disable Java warning
Yet another zero-day exploit
Read all about it here:
http://www.theregister.co.uk/2012/08...block_exploit/
Nick.
-
August 28th, 2012, 03:51 PM
#2
Thanks for the heads up. I've disabled Java and haven't found any sites I regularly go to that actually need it. I thought a couple of the financial/stock market chart and speed test pages I use did but it seems that they use Flash now.
VirtualDr email notices are not working.
Check back regularly for responses.
_____________________
cat lovers click here
-
August 29th, 2012, 11:36 AM
#3
I just have disabled Java on Firefox, but how can I disable it in IE 8 ?
-
August 29th, 2012, 11:41 AM
#4
-
August 29th, 2012, 01:04 PM
#5
I tried to disable Java in Control Panel and in IE8 Properties. No joy.
I just had to uninstall it.
By the way, there is a new version, Version 7 Update 6. Will it have the same vulnerability ?
-
August 30th, 2012, 10:25 AM
#6
Now, how are we going to find out when it is safe to install Java again ?
(BTW: The forum is quite slow again)
-
August 30th, 2012, 11:10 AM
#7
Not very soon it seems.
There are some zero-day vulnerabilities in Java that are already being exploited. However, these aren't new bugs: Oracle (NASDAQ:ORCL) has known about them since early April, and doesn't plan to fix them until October.
http://blogs.computerworld.com/malwa...-oracle-itbwcw
-
August 30th, 2012, 11:52 AM
#8
Thanks for your answer, Train.
-
August 30th, 2012, 02:17 PM
#9
-
August 30th, 2012, 11:15 PM
#10
Thanks for your heads up Nick. I just simply deleted Java. It is (or has been) easy to install in the past.
Compaq Presario CQ5210F Windows 7 Home Premium 64Bit Athlon II X2 215(2.7GHz) Nvidia GeForce 6150SE 22" Envision LCD Monitor Brother HL2040 Laser Printer 500GB SATA HDD 3GB DDR2 Ram and NVIDIA nForce MCP61 Chipset Motherboard
-
August 31st, 2012, 11:27 AM
#11
Thanks for your links SpywareDr, they are very useful.
-
August 31st, 2012, 12:08 PM
#12
There is now an update from Java, version 7.0.70.
http://java.com/en/download/manual.jsp
I uninstalled the old and installed 7.0.70 and ran the test from ZScaler. It said I was still vulnerable.
However, a day or so ago, before installing the new update I had disabled Java(tm) Plug-in SSV Helper and Java(tm) Plug-in 2 SSV Helper BHO's, and when I ran ZScaler it said I was still vulnerable.
So I wonder how meaningful the ZScaler test is.
Last edited by Welshjim; August 31st, 2012 at 12:12 PM.
Jim
WIN7 Ultimate SP1 64bit, IE 11, NTFS,
cable, MS Security Essentials, Windows 7 firewall
-
August 31st, 2012, 02:40 PM
#13
Oracle says version 7.0.70 is not vulnerable to the zero-day exploits, and testers agree.
http://www.computerworld.com/s/artic...rchers_confirm
I do not know why there is a small difference in version number, comparing the installed version in my Control Panel (7.0.70) versus Oracle's nomenclature "The full version string for this update release is 1.7.0_07-b10 ".
Last edited by Welshjim; August 31st, 2012 at 02:49 PM.
Jim
WIN7 Ultimate SP1 64bit, IE 11, NTFS,
cable, MS Security Essentials, Windows 7 firewall
-
August 31st, 2012, 08:08 PM
#14
Only hours after Oracle released its latest Java 7 update to address active exploits, security researchers found yet another vulnerability that can be exploited to run arbitrary code on systems that have the runtime installed.
http://reviews.cnet.com/8301-13727_7...t-java-update/
-
September 1st, 2012, 10:12 AM
#15
My understanding is versions 1.7.0_00-000 through 1.7.0_06-FFF are vulnerable to the 0-day exploit.
And, according to this Zscaler page, the latest version, "1.7.0_07-000", (aka: "Version 7 Update 7", "7u7", "7.0.70", "Java SE 7 Update 07", "Java 7 Update 7"), is not vulnerable.
Here's a screenshot:
(Click it for a larger view)
I do not know (yet) if 7u7 is vulnerable to some other "currently in the wild" vulnerability.
Last edited by SpywareDr; September 1st, 2012 at 10:14 AM.
Thread Information
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|