Jump to content

Recommended Posts

Yesterday a message was posted on the Kaspersky UK Twitter feed concerning the Java Zero Day Vulnerability, giving this link to the Kaspersky Lab Threat Post web page

 

Which describes the threat and gives guidance on how to disable the Java Plug in in Firefox and Chrome, the method for Internet Explorer being a bit more complex.

 

I have now disabled Java in both Firefox and Chrome (as I use both browsers) and verified that all is now OK by running the detect the version of Java link on the Threat Post page.

 

Hopefully Kaspersky will Tweet and otherwise let users know when this Java vulnerability has been patched so that the Plug ins can be safely re enabled, as it would appear that the company responsible for Java is in no hurry to secure their product!

Share this post


Link to post
Yesterday a message was posted on the Kaspersky UK Twitter feed concerning the Java Zero Day Vulnerability, giving this link to the Kaspersky Lab Threat Post web page

 

Which describes the threat and gives guidance on how to disable the Java Plug in in Firefox and Chrome, the method for Internet Explorer being a bit more complex.

 

I have now disabled Java in both Firefox and Chrome (as I use both browsers) and verified that all is now OK by running the detect the version of Java link on the Threat Post page.

 

Hopefully Kaspersky will Tweet and otherwise let users know when this Java vulnerability has been patched so that the Plug ins can be safely re enabled, as it would appear that the company responsible for Java is in no hurry to secure their product!

Java has a set release schedule pretty much with next release not due till early october.I have heard chatter that a new update will be released sooner than that once it is deemed stable,to address said vulnerabilities and a few other issues.They are indeed scrambling to plug this hole asap,so i would not be surprised to see a patch within the next few weeks

Share this post


Link to post

Im not too certain what java is for but would it be a safe practice to remove java from my computer altogether..?

What would be the consequences of doing this..?

Regards.

Share this post


Link to post
Java has a set release schedule pretty much with next release not due till early october.I have heard chatter that a new update will be released sooner than that once it is deemed stable,to address said vulnerabilities and a few other issues.They are indeed scrambling to plug this hole asap,so i would not be surprised to see a patch within the next few weeks

 

That's good to know :) I was going by what was said in the Threat Post ..

Oracle has not released any statements on the new Java flaw, but the next scheduled patch release is not until mid-October. Oracle does not release emergency patches often, so the best course of action right now is to disable Java in any browser that you use regularly.

Share this post


Link to post
Im not too certain what java is for but would it be a safe practice to remove java from my computer altogether..?

What would be the consequences of doing this..?

Regards.

 

My understanding is that Java is used by a lot of websites to deliver interactive content, so best not to delete it. By disabling it temporarily any threat posed by the vulnerability is blocked. It is then easy enough Enable once again.

 

Share this post


Link to post

Are we protected by using Java 7 Update 6 with Internet Explorer and Firefox... or are we exposed by getting malware?

Share this post


Link to post
Java 7 update 7 is out (hopefully it fixes the critical bug):

 

Java SE Downloads

 

Edit: fixed :cb_punk:

 

That's good news, but I am confused by the advice on the website .... which version should I install???

Java Platform (JDK)7u7 or JavaFX2.2 or both???

 

Java SE 7u7

This releases address security concerns. Oracle strongly recommends that all Java SE 7 users upgrade to this release.

JavaFX 2.2 is now bundled with the JDK on Windows, Mac and Linux x86/x64.

Learn more arrow

 

"What Java Do I Need?" You must have a copy of the JRE (Java Runtime Environment) on your system to run Java applications and applets. To develop Java applications and applets, you need the JDK (Java Development Kit), which includes the JRE.

 

Looking in Control Panel I see I have Java7 Update 5 and JavaFX2.1.1 installed on my Windows 7 Home Premium PC.

 

I see it is recommended to uninstall existing versions before installing the new one, so I guess that means both of the versions on my PC?

Share this post


Link to post
That's good news, but I am confused by the advice on the website .... which version should I install???

Java Platform (JDK)7u7 or JavaFX2.2 or both???

Looking in Control Panel I see I have Java7 Update 5 and JavaFX2.1.1 installed on my Windows 7 Home Premium PC.

 

I see it is recommended to uninstall existing versions before installing the new one, so I guess that means both of the versions on my PC?

Well the latest version 7 java apparently still has security flaws if you believe the Register so you might as well hold off for now.

http://www.theregister.co.uk/2012/08/31/cr...n_patched_java/

Share this post


Link to post
Well the latest version 7 java apparently still has security flaws if you believe the Register so you might as well hold off for now.

http://www.theregister.co.uk/2012/08/31/cr...n_patched_java/

 

Appreciate that petsy

 

I hope when they eventually release a version without flaws that they explain, in simple language for numpties like me, exactly which version they need and whether all traces of Java should be uninstalled before installing the new one :unsure:

Edited by Gniblett

Share this post


Link to post

Where does it say that Java vulnerabilities shall always be with thee? I saw that someplace.

 

This is not a Kaspersky-related item, so this is amicably closed. :)

 

Maybe this can be continued in the Fan Club forum.

Share this post


Link to post
Guest
This topic is now closed to further replies.

×
×
  • Create New...

Important Information

We use cookies to make your experience of our websites better. By using and further navigating this website you accept this. Detailed information about the use of cookies on this website is available by clicking on more information.