http://news.yahoo.com/us-government-tel ... 00371.html
found this surfing
This Just in [Java 7 vulnerability found]
Moderators: dorpond, trevor, Azhrei
This Just in [Java 7 vulnerability found]
Last edited by aliasmask on Sat Jan 12, 2013 12:32 am, edited 1 time in total.
Reason: edited the header to be more descriptive
Reason: edited the header to be more descriptive
Re: This Just in
I love the lack of detail in the article. Is it all java, the latest release, only when visiting suspect sites, all OSs...? Also, Google Chrome has it's own version of java built in to browser... is that effected? I wouldn't panic just yet, but I'll keep my eye open for details.
edit: More info
http://arstechnica.com/security/2013/01 ... -the-wild/
short version: Some sites may have exploits installed and works against java 7.
I still only have java 6.32 installed, so looks like I'm safe. For those worried, just uninstall java 7. You should have java 6.xx installed for using MT already, but if not, check the announcements for windows and java7 for a link to install java 6.
For those using Chrome and don't know if they have java and want to disable, you can type this: chrome://plugins/ and then disable.
edit: More info
http://arstechnica.com/security/2013/01 ... -the-wild/
short version: Some sites may have exploits installed and works against java 7.
I still only have java 6.32 installed, so looks like I'm safe. For those worried, just uninstall java 7. You should have java 6.xx installed for using MT already, but if not, check the announcements for windows and java7 for a link to install java 6.
For those using Chrome and don't know if they have java and want to disable, you can type this: chrome://plugins/ and then disable.
Downloads:
- Notepad++ MapTool addon
- RPEdit details (v1.3)
- Coding Tips: Modularity and Design
- Videos: Macro Writing Tools
Re: This Just in [Java 7 vulnerability found]
AM i am not panicking I found it thought it made for interesting news as it actually does affect our community, there have been a couple of follow on articles I am waiting to see if Oracle will man up and respond
Re: This Just in [Java 7 vulnerability found]
No, I appreciate your post and I was just a generalizing to the community at hand about not panicking due to the lack of detail in the first article. I would speculate the most vulnerable sites would be blog based, pr0n and those sites who don't have a professional team of IT people monitoring the site. So, people who visit those sites could have their password compromised or applets installed on their computer that may compromise their system. I'll be keeping an eye on the news about this. Since MT is java 6 based and the problem is with java 7, there should be any problems with MT.Dervish wrote:AM i am not panicking I found it thought it made for interesting news as it actually does affect our community, there have been a couple of follow on articles I am waiting to see if Oracle will man up and respond
Downloads:
- Notepad++ MapTool addon
- RPEdit details (v1.3)
- Coding Tips: Modularity and Design
- Videos: Macro Writing Tools
- Jack of Spades
- Kobold
- Posts: 10
- Joined: Tue Oct 02, 2007 11:16 pm
- Contact:
Re: This Just in [Java 7 vulnerability found]
Looks like Oracle has patched the vulnerability – update here. At this point, were it not for MapTool, I'd uninstall Java altogether.
C. Lee Davis
Re: This Just in [Java 7 vulnerability found]
I wonder if the wildcard problem and vulnerability had anything to do with one another? From the article, it sounds like the patch really isn't a patch, but a change in settings. I guess they'll fix it later.
Downloads:
- Notepad++ MapTool addon
- RPEdit details (v1.3)
- Coding Tips: Modularity and Design
- Videos: Macro Writing Tools
Re: This Just in [Java 7 vulnerability found]
Have to say I am a little bit curious about the press coverage. This is hardly the first zero-day exploit and far from the worst. Still, Oracle do need to get their act together.Jack of Spades wrote:Looks like Oracle has patched the vulnerability – update here. At this point, were it not for MapTool, I'd uninstall Java altogether.
Re: This Just in [Java 7 vulnerability found]
Yeah, it's a bit annoying. Obviously, serious bugs should be fixed and fixed quickly -- and apparently Oracle didn't do too badly on this one.
But in that same linked article is an "Update" at the bottom that says, "Oh, btw... Microsoft's terribly bug-ridden browser has been patched to 'fully address' a separate security vulnerability which allowed remote code execution."
So why does one of a thousand serious bugs in IE get a small little update notice, but a single serious bug in Java gets "an article"?
(If I had a dime for every serious flaw in IE I'd be a rich man...)
But in that same linked article is an "Update" at the bottom that says, "Oh, btw... Microsoft's terribly bug-ridden browser has been patched to 'fully address' a separate security vulnerability which allowed remote code execution."
So why does one of a thousand serious bugs in IE get a small little update notice, but a single serious bug in Java gets "an article"?
(If I had a dime for every serious flaw in IE I'd be a rich man...)
Re: This Just in [Java 7 vulnerability found]
I believe the "final" fix for this security issue will be issued on the 19th of Feb