SEARCH

The How-To Geek Forums Have Migrated to Discourse

How-To Geek Forums / Geek Stuff

Researcher Unearths Two New Java Zero-Day Bugs

(4 posts)
  • Started 1 year ago by Straspey
  • Latest reply from StringJunky
  • Topic Viewed 347 times

Straspey
Posts: 556

From Computerworld:

February 25, 2013

Computerworld - A Polish security firm known for rooting out Java vulnerabilities has reported two new bugs in the browser plug-in to Oracle, Security Explorations said today.

On its bug-reporting status page, Security Explorations noted that it had submitted details of the flaws, including proof-of-concept exploit code, to Oracle.

"We had yet another look into Oracle's Java SE 7 software that was released by the company on Feb. 19," said Adam Gowdiak, in an email reply to questions today. "As a result, we have discovered two new security issues, which when combined together, can be successfully used to gain a complete Java security sandbox bypass in the environment of Java SE 7 Update 15 (1.7.0_15-b03)."

Read the full article:

http://www.computerworld.com/s.....o_day_bugs

Posted 1 year ago
Top
 
vistamike
Posts: 10945

Thanks for that Howard.

Not had java on any of my machine for ages, it's not needed! Recent and old links to look at on HTG>

http://www.howtogeek.com/12293.....heres-how/

http://www.howtogeek.com/13435.....nstall-it/

Another thing to look at is;

http://www.howtogeek.com/howto.....t-running/

Mike

Posted 1 year ago
Top
 
Straspey
Posts: 556

Mike -

As a result of this recent spate of "Bad Java" scares and warning, I removed Java from my system about three weeks ago and - so far, so good.

A couple of sites I visit seem to look slightly different now, but that has not prevented me from normal usage.

- Howard

Posted 1 year ago
Top
 
StringJunky
Posts: 2454

In Chrome my plugins are set to Click To Play in Settings > Show Advanced Settings > Privacy (Content Settings) > Plugins > Click To Play. This apparently is the safest way to have Java ie not enabled by default. This is the view and operation for Flash but it works the same for Java. You can also click to enable cookies for a site if cookies are disabled by default in Settings. That's the brown icon with the cross on it next to the plugin icon I pointed to in the address bar in the image...I have third-party cookies disabled by default.

Posted 1 year ago
Top
 



Topic Closed

This topic has been closed to new replies.