Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Oracle issues major Java security fix; recommends immediate action


30 Aug 2012   #1
Microsoft MVP

64-bit Windows 8.1 Enterprise
 
 
Oracle issues major Java security fix; recommends immediate action

Quote:
Oracle has just released an update that is intended to patch up three "distinct but related vulnerabilities" as well as another serious security issue regarding Java running on desktop browsers.

More specifically, the security holes could be exploited over a network without needing a username and password if an unsuspecting user is running an affected release in a browser and then visits a malicious web page that leverages this vulnerability.

The possible outcome is that the vulnerabilities could be used to exploit personal data and accessibility of the user's system overall.

Oracle software security assurance director Eric Maurice explained in a blog post on Thursday that customers should apply the updates as soon as possible because many of the technical details related to the vulnerabilities are already widely available online.
Read more at source:
Oracle issues major Java security fix; recommends immediate action | ZDNet

My System SpecsSystem Spec
.

30 Aug 2012   #2

Windows 7 Professional x64, SP1
 
 

Many thanks Brink. I have been following this with interest and can now go out to my customers and advise issue resolved and to update immediately.
My System SpecsSystem Spec
30 Aug 2012   #3

Windows 8.1.1 64bit
 
 

Is there any problem with disabling Java ?

Such as: Java console, Deployment tool kit, or Platform SE 6 U33.

Can I safely delete these ?
My System SpecsSystem Spec
.


31 Aug 2012   #4
Microsoft MVP

Windows 7 Ultimate X64 SP1
 
 

A test for your Java's vulnerability.
Is Java Exploitable? powered by Rapid7
My System SpecsSystem Spec
31 Aug 2012   #5

Windows 7 Home Premium 32bit
 
 

Let's see now. The first version of Java was to save the world from ever having to rewrite a program in any other language or for any platform - as in "write once, run everywhere." Did it do that? No! Did it help? Maybe but maybe not.

There was also supposed to be no risk of attack because Java was "safe" and executed in it's own protected environment. Was it? How about the n updates to correct bugs and exploit weak points where n is a continually increasing number. However, now that these last few attack points have been fixed, it is totally and absolutely safe. Oh sure, we can believe that since that is EXACTLY what they said for EACH of the n-1 last upgrades can't we? I don't think we can trust it. At least I don't.

You don't create quality software by running a customer based world wide alpha test. You do it by designing and building the quality into the product BEFORE you release the software. Clearly, this was not done for the Oracle version of Java. There has been countless "updates". Because of that, we have every reason to believe there are uncounted and undiscovered bugs and exploit points living and likely reproducing inside the Java engine. There is also every reason to believe that every bug fix will insert one or more new bugs - likely more.

The bottom line appears to me that Java itself IS the problem. It is a Trojan, a virus, a worm, and social hacking rolled into one package. Was this done on purpose, by incompetency, or carelessness? It doesn't matter. They all have the same result. Java is dangerous to your system and data health because of its design, implementation, and inadequate up front quality control.

Use it at your own risk. I, for one will NOT use it for any purpose.

Have a nice day.
My System SpecsSystem Spec
31 Aug 2012   #6

Microsoft Community Contributor Award Recipient

Windows 7 Home Premium SP1, clean install, upgrade disc
 
 

The latest security fix for Java can be breached.
I have taken the warnings seriously and have uninstalled Java. Most computer users need Java only on rare ocassions.
Researchers Find Critical Vulnerability in Java 7 Patch Hours After Release | PCWorld Business Center
My System SpecsSystem Spec
01 Sep 2012   #7
Microsoft MVP

Windows 7 Ultimate X64 SP1
 
 

I never installed Java with my new install and don't miss it.
Perhaps Oracle should contact these security firms for help in issuing patches. They seem to find an exploit with each Java update.
My System SpecsSystem Spec
01 Sep 2012   #8

Microsoft Community Contributor Award Recipient

Windows 7 Home Premium x86 Service Pack 1 - Linux Mint Mate 14 x64
 
 

So, I've just gone installed Update 7 for Java 7 yesterday, believing that all the security issues have been resolved, and now more security problems have been found?

I use Java most of the time.
My System SpecsSystem Spec
Reply

 Oracle issues major Java security fix; recommends immediate action




Thread Tools




Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 12:01 PM.
Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App
  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33