Major java security flaw

Discuss anything not covered by any of the other categories.
Post Reply
revelator
Posts: 2621
Joined: Thu Jan 24, 2008 12:04 pm
Location: inside tha debugger

Major java security flaw

Post by revelator »

Just wanted to warn users that the O-day exploit patch from last year did not plug up all holes in java and according to oracle it wont be fixed untill february :S security experts reccomend turning off the java plugin untill then. Most antivirus suites will not stop this exploit either so be aware.
Productivity is a state of mind.
Spirit
Posts: 1065
Joined: Sat Nov 20, 2004 9:00 pm
Contact:

Re: Major java security flaw

Post by Spirit »

If only OpenJDK was readily available for Windows too. :?
Improve Quaddicted, send me a pull request: https://github.com/SpiritQuaddicted/Quaddicted-reviews
frag.machine
Posts: 2126
Joined: Sat Nov 25, 2006 1:49 pm

Re: Major java security flaw

Post by frag.machine »

As someone who write Java code for a living, I'd say if you really don't need the Java plugin, disable it. Java is a great language for corporative application development, but Oracle been sloppy on security, and this is tarnishing the technology reputation. Luckly, most of these exploits can be quickly fixed or at least workarounded on the server side.
I know FrikaC made a cgi-bin version of the quakec interpreter once and wrote part of his website in QuakeC :) (LordHavoc)
revelator
Posts: 2621
Joined: Thu Jan 24, 2008 12:04 pm
Location: inside tha debugger

Re: Major java security flaw

Post by revelator »

oracle released an update now that should take care of it :)
Productivity is a state of mind.
Post Reply