It is currently Tue Oct 20, 2020 11:55 pm

All times are UTC




Forum locked This topic is locked, you cannot edit posts or make further replies.  [ 47 posts ]  Go to page Previous  1, 2, 3, 4  Next
Author Message
 Post subject:
PostPosted: Sat Jan 12, 2013 10:57 pm 
Offline
Obduction Backer

Joined: Tue May 09, 2006 4:41 pm
Posts: 1715
Location: South Georgia
Ahlisendar wrote:
Didn't this just happen a few months ago... ?


Yes. http://mystonline.com/forums/viewtopic.php?t=25923

_________________
Image


Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Sat Jan 12, 2013 11:36 pm 
Offline
Former MystOnline Moderator

Joined: Fri Nov 10, 2006 3:05 pm
Posts: 4208
Location: 56°2'26", -3°20'28"
Which just reiterates a) how much of a target it has become and b) how sloppy Oracle are :? .

_________________
Image Mac - MOULagain KI#00004826 00004289
In the interests of the environment, this post has been constructed entirely from recycled electrons.


Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Sun Jan 13, 2013 1:27 am 
Offline
Obduction Backer

Joined: Sat May 13, 2006 6:06 am
Posts: 1172
Location: Anywhere
Ahlisendar wrote:
Didn't this just happen a few months ago... ?


That's why I said it should be stickied.

_________________
I used to be an adventurer like you, then I found other games to play.


Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Fri Jan 18, 2013 7:02 pm 
Offline
Obduction Backer

Joined: Tue May 09, 2006 4:41 pm
Posts: 1715
Location: South Georgia
Oracle's recent fix for this issue has been broken. There are now two more known vulnerabilities.

I recommend uninstalling Java at your earliest opportunity.

_________________
Image


Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Fri Jan 18, 2013 7:15 pm 
Offline

Joined: Tue Jan 11, 2011 9:26 pm
Posts: 2501
Location: Ontario, Canada
But before you uninstall make sure your not using Java for something. I am developing a couple of projects in Java so I can't get rid of it but I do have my browser plugins turned off. Also Drizzle requires Java to run.


Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Fri Jan 18, 2013 10:10 pm 
Adam, all this means is that the latest Java is compromised, not all Java. If you have a Java install from before this bug, you're safe, and do not need to uninstall it. If you have an install from after, uninstall it, but grab an earlier version from before the bug.


Top
  
Reply with quote  
 Post subject:
PostPosted: Fri Jan 18, 2013 10:28 pm 
Offline
Obduction Backer

Joined: Tue May 09, 2006 4:41 pm
Posts: 1715
Location: South Georgia
DLordofTime wrote:
Adam, all this means is that the latest Java is compromised, not all Java. If you have a Java install from before this bug, you're safe, and do not need to uninstall it. If you have an install from after, uninstall it, but grab an earlier version from before the bug.


If you have a Java install from before this one, then you're vulnerable to the old security hole (unless you're on the much older Java 6). We don't want that either.

_________________
Image


Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Fri Jan 18, 2013 10:33 pm 
Offline

Joined: Tue Jan 11, 2011 9:26 pm
Posts: 2501
Location: Ontario, Canada
My recommendation is that you disable your Java plugin and scan Java apps you download online with anti-virus software. Like Java anti-virus software is also available on all platform(Mac and Linux as well as Windows). Most web sites should not require you to use Java.

NOTE: JavaScript is *NOT* related to Java. They used the term to "cash in" on the populatity of Java at the time it was invented. Don't ask me why they wern't sued for it.


Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Sat Jan 19, 2013 12:40 am 
That's what I mean, Adam.


Top
  
Reply with quote  
 Post subject:
PostPosted: Sat Jan 19, 2013 1:11 am 
Offline

Joined: Tue Jan 11, 2011 9:26 pm
Posts: 2501
Location: Ontario, Canada
I think Java 6 will work fine for most tings.


Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Sat Jan 19, 2013 1:15 pm 
Offline
Former MystOnline Moderator

Joined: Fri Nov 10, 2006 3:05 pm
Posts: 4208
Location: 56°2'26", -3°20'28"
Jamie Marchant wrote:
NOTE: JavaScript is *NOT* related to Java. They used the term to "cash in" on the populatity of Java at the time it was invented. Don't ask me why they wern't sued for it.
Probably because Netscape (main developer of LiveScript/JavaScript) did a deal with (Sun developer of Java) over bundling Java support into the Netscape browser, back in the days when Netscape was the browser of choice.

_________________
Image Mac - MOULagain KI#00004826 00004289
In the interests of the environment, this post has been constructed entirely from recycled electrons.


Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Thu Feb 21, 2013 4:39 pm 
Offline

Joined: Tue Jan 11, 2011 9:26 pm
Posts: 2501
Location: Ontario, Canada
I got a Java update to Java 7 today, does anyone know if this update fixed this issue?


Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Thu Feb 21, 2013 4:51 pm 
Offline
Obduction Backer

Joined: Tue May 09, 2006 4:41 pm
Posts: 1715
Location: South Georgia
The issue was "fixed" a month ago. However, I fully expect to see another zero day exploiting another symptom of the problem soon.

_________________
Image


Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Sun Mar 03, 2013 11:22 pm 
Offline
Obduction Backer

Joined: Tue May 09, 2006 4:41 pm
Posts: 1715
Location: South Georgia
Would you look at that... Exactly a week after I posted my previous message: http://blog.fireeye.com/research/2013/0 ... day-2.html

:roll: :roll: :roll: :roll:

_________________
Image


Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Tue Mar 05, 2013 6:50 pm 
Offline
Former MystOnline Moderator

Joined: Fri Nov 10, 2006 3:05 pm
Posts: 4208
Location: 56°2'26", -3°20'28"
And lo and behold, Java 1.7 update 17 is upon us to address that issue. How long 'til the next one?

_________________
Image Mac - MOULagain KI#00004826 00004289
In the interests of the environment, this post has been constructed entirely from recycled electrons.


Top
 Profile  
Reply with quote  
Display posts from previous:  Sort by  
Forum locked This topic is locked, you cannot edit posts or make further replies.  [ 47 posts ]  Go to page Previous  1, 2, 3, 4  Next

All times are UTC


Who is online

Users browsing this forum: No registered users and 2 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum

Search for:
Jump to:  
cron