Java is Insecure and Awful, It’s Time to Disable It, and Here’s How

http://www.howtogeek.com/122934/java-is-insecure-and-awful-its-time-to-disable-it-and-heres-how/?utm_source=newsletter&utm_medium=email&utm_campai gn=290812

As usual, there’s yet another security hole in the Java Runtime
Environment, and if you don’t disable your Java plugin, you’re at risk
for being infected with malware. Here’s how to do it.

In article ,
says...

http://www.howtogeek.com/122934/java-is-insecure-and-awful-its-time-to-disable-it-and-heres-how/?utm_source=newsletter&utm_medium=email&utm_campai gn=290812

As usual, there?s yet another security hole in the Java Runtime
Environment, and if you don?t disable your Java plugin, you?re at risk
for being infected with malware. Here?s how to do it.

Oracle posted an updated version today (Aug 30).

--
If there is a no_junk in my address, please REMOVE it before replying!
All junk mail senders will be prosecuted to the fullest extent of the
law!!
http://home.comcast.net/~andyross

On 8/30/2012 6:33 PM, Andrew Rossmann wrote:
In articleq8SdnW9nu9nXeqPNnZ2dnUVZ_qOdnZ2d@earthlink .com,
says...

http://www.howtogeek.com/122934/java-is-insecure-and-awful-its-time-to-disable-it-and-heres-how/?utm_source=newsletter&utm_medium=email&utm_campai gn=290812

As usual, there?s yet another security hole in the Java Runtime
Environment, and if you don?t disable your Java plugin, you?re at risk
for being infected with malware. Here?s how to do it.

Oracle posted an updated version today (Aug 30).


Java nothing with IE or FF is active on my Win 7 machines.

Andrew Rossmann wrote:
In article ,
says...

http://www.howtogeek.com/122934/java-is-insecure-and-awful-its-time-to-disable-it-and-heres-how/?utm_source=newsletter&utm_medium=email&utm_campai gn=290812

As usual, there?s yet another security hole in the Java Runtime
Environment, and if you don?t disable your Java plugin, you?re at risk
for being infected with malware. Here?s how to do it.

Oracle posted an updated version today (Aug 30).




Perhaps it resolved these vulnerabilities ... perhaps not !

Researchers find critical vulnerability in Java 7 patch hours after release
http://www.cio.com/article/715219/Re..._after_release

" Security researchers from Poland-based security firm Security
Explorations claim to have discovered a vulnerability in the Java 7
security update released Thursday that can be exploited to escape the
Java sandbox and execute arbitrary code on the underlying system.

Security Explorations sent a report about the vulnerability to Oracle on
Friday together with a proof-of-concept exploit, Adam Gowdiak, the
security company's founder and CEO said Friday via email.

The company doesn't plan to release any technical details about the
vulnerability publicly until Oracle addresses it, Gowdiak said.
snip

Based on the experience of Security Explorations researchers with
hunting for Java vulnerabilities so far, Java 6 has better security than
Java 7. "Java 7 was surprisingly much easier for us to break," Gowdiak
said. "For Java 6, we didn't manage to achieve a full sandbox
compromise, except for the issue discovered in Apple Quicktime for Java
software."

Gowdiak has echoed what many security researchers have said befo If
you don't need Java, uninstall it from your system. "


Ouch !


MowGreen
================
*-343-* FDNY
Never Forgotten
================

On 30/08/2012 12:08 AM, Big Steel wrote:
http://www.howtogeek.com/122934/java-is-insecure-and-awful-its-time-to-disable-it-and-heres-how/?utm_source=newsletter&utm_medium=email&utm_campai gn=290812


As usual, there’s yet another security hole in the Java Runtime
Environment, and if you don’t disable your Java plugin, you’re at risk
for being infected with malware. Here’s how to do it.

My Firefox usually disables most versions of the Java runtime plugin
anyways. Never miss it on websites, but it's still useful in a local
environment, as I have some Java apps that run locally.

Yousuf Khan