abasel — 2012-08-29T04:51:18-04:00 — #1
I need some help to understand the following: http://www.livehacking.com/2012/08/29/concern-grows-as-zero-day-java-exploit-spreads/
One consultant says the following:
According to software giant Oracle, Java is deployed across more than 3 billion systems worldwide. But the truth is that many people who have this powerful program installed simply do not need it, or only need it for very specific uses. I’ve repeatedly encouraged readers to uninstall this program, not only because of the constant updating it requires, but also because there seem to be a never-ending supply of new exploits available for recently-patched or undocumented vulnerabilities in the program.
markbrown4 — 2012-08-29T06:04:00-04:00 — #2
It says in your first link how to disable the Java plugin in major browsers.
That's all you need to do.
paul_wilkins — 2012-08-29T22:40:51-04:00 — #3
You don't need to uninstall Java from your machines either. Just disabling Java applets in the web browser is enough to protect yourself.
Instructions can be found at http://www.h-online.com/security/news/item/Java-0Day-Turn-off-Java-applets-now-1678618.html
Episode 367 of Security Now also goes in to quite some detail about this Java security problem, and how you can protect yourself.
abasel — 2012-08-30T16:37:10-04:00 — #4
Hi, thanks for that. On uninstalling Java (as per the first quote's recommendation), isjavaexploitable.com reported that my computer was safe. This seems simpler than having to check the plugins on my browsers
paul_wilkins — 2012-08-31T01:16:22-04:00 — #5
Yes, uninstalling is a more broad-brush approach that also works. Some people like myself have java programs that need to run outside of the web browser(where the existing unpatched danger is), such as Minecraft, so uninstalling is not a solution for such circumstances.
abasel — 2012-08-31T14:57:15-04:00 — #6
Yeah it is pretty heavy handed... well the patch is out now so all good until next time..... it does big the question about social responsibility and legal liabilities but that's a discussion for another forum