A Warning not to run Java in your Web browser

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

lotuseclat79

Thread Starter
Joined
Sep 12, 2003
Messages
20,583
Java bug exposes users to serious code-execution risk.

Researchers disclose because Oracle won't

Note: Links internal to the above article lead to workarounds to problem.

Advice: Turn off Java in your Web browser.

Related: Serious Java Bug Exposes Users To Code Execution.

This might be a tough one to solve as it’s not a typical buffer overflow or programming bug per-se but more of a flaw in the way the Java Virtual Machine functions. Sun don’t consider this vulnerability to be critical, which could be a mistake on their part as that means it won’t be patched until the next patch in the cycle is released – which should be around July.

-- Tom
 
Joined
Sep 21, 2007
Messages
13,831
I don't see a lot of web sites using Java, so I don't have that installed. But a lot of universities teach Java, so I think the student population is at risk.
 
Joined
Aug 8, 2009
Messages
361
I removed Java, thought I didn't need it, but found my GPS support software runs on it. I got out, but they pulled me back.

Maybe this is overblown and false security. If you remove Java from your PC and your lifestyle involves visits to suspect websites, you are still vulnerable to the existing tried and true Javascript (not the same as Java) and Active-X exploits. Even if your lifestyle is pure as new snow, hundreds of thousands of legit sites contain links to suspect sites.

I am not sure about Internet Explorer, but Firefox with a script blocker will prevent Javascript exploits as well as the new Java exploiit (so far). And any script blocker is worthless if you go to a site and tell it to allow scripts.
 

lotuseclat79

Thread Starter
Joined
Sep 12, 2003
Messages
20,583
I removed Java, thought I didn't need it, but found my GPS support software runs on it. I got out, but they pulled me back.

Maybe this is overblown and false security. If you remove Java from your PC and your lifestyle involves visits to suspect websites, you are still vulnerable to the existing tried and true Javascript (not the same as Java) and Active-X exploits. Even if your lifestyle is pure as new snow, hundreds of thousands of legit sites contain links to suspect sites.

I am not sure about Internet Explorer, but Firefox with a script blocker will prevent Javascript exploits as well as the new Java exploiit (so far). And any script blocker is worthless if you go to a site and tell it to allow scripts.
Hi antimoth,

Yes, simply turn off Java in Firefox, and run Firefox with NoScript to provide against cross-scripting JavaScript attacks. Only use IE for Update Tuesdays for Windows Platforms, otherwise, use Firefox.

-- Tom
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Staff online

Top