1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

A Warning not to run Java in your Web browser

Discussion in 'General Security' started by lotuseclat79, Apr 12, 2010.

Thread Status:
Not open for further replies.
Advertisement
  1. lotuseclat79

    lotuseclat79 Thread Starter

    Joined:
    Sep 12, 2003
    Messages:
    20,583
    Java bug exposes users to serious code-execution risk.

    Researchers disclose because Oracle won't

    Note: Links internal to the above article lead to workarounds to problem.

    Advice: Turn off Java in your Web browser.

    Related: Serious Java Bug Exposes Users To Code Execution.

    This might be a tough one to solve as it’s not a typical buffer overflow or programming bug per-se but more of a flaw in the way the Java Virtual Machine functions. Sun don’t consider this vulnerability to be critical, which could be a mistake on their part as that means it won’t be patched until the next patch in the cycle is released – which should be around July.

    -- Tom
     
  2. Mumbodog

    Mumbodog

    Joined:
    Oct 3, 2007
    Messages:
    7,889
  3. lunarlander

    lunarlander

    Joined:
    Sep 21, 2007
    Messages:
    11,882
    I don't see a lot of web sites using Java, so I don't have that installed. But a lot of universities teach Java, so I think the student population is at risk.
     
  4. SIR****TMG

    SIR****TMG

    Joined:
    Aug 12, 2003
    Messages:
    47,118
    Good Read
     
  5. antimoth

    antimoth

    Joined:
    Aug 8, 2009
    Messages:
    361
    I removed Java, thought I didn't need it, but found my GPS support software runs on it. I got out, but they pulled me back.

    Maybe this is overblown and false security. If you remove Java from your PC and your lifestyle involves visits to suspect websites, you are still vulnerable to the existing tried and true Javascript (not the same as Java) and Active-X exploits. Even if your lifestyle is pure as new snow, hundreds of thousands of legit sites contain links to suspect sites.

    I am not sure about Internet Explorer, but Firefox with a script blocker will prevent Javascript exploits as well as the new Java exploiit (so far). And any script blocker is worthless if you go to a site and tell it to allow scripts.
     
  6. lotuseclat79

    lotuseclat79 Thread Starter

    Joined:
    Sep 12, 2003
    Messages:
    20,583
    Hi antimoth,

    Yes, simply turn off Java in Firefox, and run Firefox with NoScript to provide against cross-scripting JavaScript attacks. Only use IE for Update Tuesdays for Windows Platforms, otherwise, use Firefox.

    -- Tom
     
  7. Mumbodog

    Mumbodog

    Joined:
    Oct 3, 2007
    Messages:
    7,889
  8. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/916364

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice