bangkokburning Posted January 17, 2013 Share Posted January 17, 2013 Here we go again... Uninstall Link to comment Share on other sites More sharing options...
ronz28 Posted January 23, 2013 Share Posted January 23, 2013 I used one financial website application that wouldn't run for me now that I have uninstalled JAVA. Their website wanted to install the latest JAVA update to run their application, which I declined. Customer service wanted to assure me its safe since they use HTTPS. I doubt that would solve the JAVA security issue so I told them no thanks. Fortunately, they have a new application that uses Adobe Air to provide most of the same information. I hope its more secure than JAVA. Link to comment Share on other sites More sharing options...
draftvader Posted January 24, 2013 Share Posted January 24, 2013 (edited) I used one financial website application that wouldn't run for me now that I have uninstalled JAVA. Their website wanted to install the latest JAVA update to run their application, which I declined. Customer service wanted to assure me its safe since they use HTTPS. I doubt that would solve the JAVA security issue so I told them no thanks. Fortunately, they have a new application that uses Adobe Air to provide most of the same information. I hope its more secure than JAVA. This site is a good place to start studying your software. http://www.cvedetails.com/product/11602/Adobe-Adobe-Air.html?vendor_id=53 Edited January 24, 2013 by draftvader 2 Link to comment Share on other sites More sharing options...
Chicog Posted February 2, 2013 Share Posted February 2, 2013 Here's the latest, probably half-fixed, update 13. http://www.v3.co.uk/v3-uk/news/2241063/oracle-rushes-out-another-java-update Link to comment Share on other sites More sharing options...
draftvader Posted February 2, 2013 Share Posted February 2, 2013 Here's the latest, probably half-fixed, update 13. http://www.v3.co.uk/...her-java-update Thanks for that. You'd like to think they'd get it right this time as they really don't want to keep on releasing updates that don't solve the issue. Link to comment Share on other sites More sharing options...
Chicog Posted February 2, 2013 Share Posted February 2, 2013 They won't. Link to comment Share on other sites More sharing options...
draftvader Posted February 2, 2013 Share Posted February 2, 2013 They won't. Yep, I'm starting to think that they want to kill off Java so they can join the rest of us in the 21st century. God Oracle is a dinosaur. Link to comment Share on other sites More sharing options...
ronz28 Posted February 21, 2013 Share Posted February 21, 2013 Hackers strike big using JAVA again: http://www.zdnet.com/facebook-apple-hacks-could-affect-anyone-heres-what-you-can-do-7000011520/?s_cid=e539 Link to comment Share on other sites More sharing options...
klikster Posted March 2, 2013 Share Posted March 2, 2013 Hackers are exploiting a previously unknown and currently unpatched vulnerability in the latest version of Java to surreptitiously infect targets with malware, security researchers said Thursday night.The critical vulnerability is being exploited to install a remote-access trojan dubbed McRat, researchers from security firm FireEye warned. The attacks work against Java versions 1.6 Update 41 and 1.7 Update 15, which are the latest available releases of the widely used software. The attack is triggered when people with a vulnerable version of the Java browser plugin visit a website that has been booby-trapped with attack code. FireEye researchers Darien Kindlund and Yichong Lin said the exploit is being used against "multiple customers" and that they have "observed successful exploitation."The security of Java is reaching near-crisis levels as reports of new in-the-wild exploits have become an almost weekly occurrence over the past few months.http://arstechnica.com/security/2013/03/another-java-zero-day-exploit-in-the-wild-actively-attacking-targets/ Link to comment Share on other sites More sharing options...
Chicog Posted March 2, 2013 Share Posted March 2, 2013 I've been testing FireEye this week. It actually gives you a nice look at the infection vector. A particular (and valid) site gets hacked and the hackers simply divert a link elsewhere so the website A/V doesn't pick it up. It quietly downloads java to your PC and hey presto! Really, just turn it off. It's beyond a ****ing joke. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now