Again--Security problems with Java

**fink** · January 14th, 2013, 11:50 AM

The simplest thing is to just uninstall Java using add/remove programs and see if you miss or need it. Odds are that unless you're a big time player of online games you won't notice the difference.

**egdufwollamhsram1851** · January 14th, 2013, 01:38 PM

Originally Posted by fink

I think the confusion here is the difference between Chrome browser which runs in Windows and Chrome operating system which is a totally different thing.

Bot it, sorry bout the confusion.

There was an update listed yesterday , if your not using it, maybe you did not see it?
tks

**fink** · January 14th, 2013, 01:51 PM

No, I didn't see it but I'm just going to leave it uninstalled since I still have not yet found any reason to have it.

**egdufwollamhsram1851** · January 14th, 2013, 01:58 PM

There are a couple small games i do once in awhile, so i guess if i do those, i'll need it.

Tks

**egdufwollamhsram1851** · January 14th, 2013, 08:49 PM

http://www.zdnet.com/security-expert...56/?s_cid=e539

i uninstalled it

tks

**Midknyte** · January 18th, 2013, 02:35 PM

7u11 still has flaws. If you don't absolutely need Java, uninstall it.
https://threatpost.com/en_us/blogs/l...s-found-011813

**Sal_gal** · January 18th, 2013, 05:45 PM

Here's what I've done:
Went to Google and unchecked Java in the settings. In IE9 went to Tools/Manage Add-ons and disabled Java SSV helper. Went to Opera and unchecked Java.

Still showing in Control Panel/Programs: Java 7 update 10 & Java FX 2.1.1....and I get popups from jucheck.exe. So does this mean I still have Java installed?

For the past two weeks I have gotten two "phishing" emails from Citibank and a friend. And my A-V Webroot has caught and removed one threat, so I don't know if that had anything to do with Java insecurity.

Please give directions.

**Midknyte** · January 18th, 2013, 05:48 PM

So does this mean I still have Java installed?

Yes. You would need to uninstall it from the Control Panel. What you did is merely disable the addon.

JavaRa does a good job of removing Java also.
http://singularlabs.com/news/javara-2-0-stable/

For the past two weeks I have gotten two "phishing" emails from Citibank and a friend. And my A-V Webroot has caught and removed one threat, so I don't know if that had anything to do with Java insecurity.

That's not a Java issue.

**egdufwollamhsram1851** · January 18th, 2013, 07:50 PM

I removed it from cont pnl,, no issues since/// apparently not needed, the games i played still work//
----------------------------------------------------

In the cont pnl/ programs, there are 8 different items of Microsoft Virtual C++ Redisributable starting with 2005 to 2008, some say x86, and x 64, / every time there is an update those go in there and all are supposed to stay?

tks

**Midknyte** · January 18th, 2013, 07:55 PM

Please stay on the topic next time. Or create a new thread for a different issue.

Virtual C++ is required for some applications. It depends on if the app is 32-bit or 64-bit as to which they will use. You would need to look at the requirements of your applications. If you aren't sure, then don't mess with it.

**SpywareDr** · January 19th, 2013, 07:15 AM

Security experts on Java: Fixing zero-day exploit could take 'two years'

Summary: Amid growing concern over Java's security, Oracle released an emergency fix over the weekend. However, security professionals say that this measure doesn't go far enough.

**egdufwollamhsram1851** · January 19th, 2013, 05:17 PM

Originally Posted by Midknyte

Please stay on the topic next time. Or create a new thread for a different issue.

Virtual C++ is required for some applications. It depends on if the app is 32-bit or 64-bit as to which they will use. You would need to look at the requirements of your applications. If you aren't sure, then don't mess with it.

sorry

i thought about that, i had just been in to the ctrl pnl and was checking to see if java was still gone, and came across these c++ at the time i was replying to the java post,
sorry and tks

**Midknyte** · January 19th, 2013, 06:46 PM

It's ok. I understand that you are concerned. Just keeping the ship on course.

**SpywareDr** · March 3rd, 2013, 11:11 AM

Another Java zero-day exploit in the wild actively attacking targets

Latest attacks used to surreptitiously install McRat trojan on victim machines.
by Dan Goodin - Mar 1 2013, 11:10am EST

Hackers are exploiting a previously unknown and currently unpatched vulnerability in the latest version of Java to surreptitiously infect targets with malware, security researchers said Thursday night.

The critical vulnerability is being exploited to install a remote-access trojan dubbed McRat, researchers from security firm FireEye warned. The attacks work against Java versions 1.6 Update 41 and 1.7 Update 15, which are the latest available releases of the widely used software. The attack is triggered when people with a vulnerable version of the Java browser plugin visit a website that has been booby-trapped with attack code. FireEye researchers Darien Kindlund and Yichong Lin said the exploit is being used against "multiple customers" and that they have "observed successful exploitation."

The security of Java is reaching near-crisis levels as reports of new in-the-wild exploits have become an almost weekly occurrence over the past few months.

[...continues...]

**egdufwollamhsram1851** · March 3rd, 2013, 01:27 PM

I removed it
tks

Thread: Again--Security problems with Java

Thread Tools

Search Thread

Display

Update

Thread Information

Users Browsing this Thread

Posting Permissions