Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Java 1.7 Security


19 Sep 2012   #1

x64 (6.3.9600) Win8.1 Pro & soon dual boot x64 (6.1.7601) Win7_SP1 HomePrem
 
 
Java 1.7 Security

Why you should probably disable Java now
By Will Oremus, Slate - 9/1/201

Hackers have found a flaw in Oracle’s Java software that allows them to break into users’ computers and install nasty malware, security experts report. The attack, first spotted on Sunday by researchers at the security firm FireEye, is what security types call a "zero-day" threat, exploiting a previously unknown vulnerability for which there is currently no fix available.

The loophole appears to affect Java Version 7 (also known as 1.7) on all browsers. So far the attacks have been against PCs, but Mac users are vulnerable as well. Businesses should be especially concerned about targeted attacks, but just about anyone who uses Java on the Internet is at risk, especially since the attack has been added to the Internet’s most popular hacking kit, BlackHole.

Given the potential seriousness and pervasiveness of the attacks - and Oracle’s reputation for being slow on the draw in response to Java vulnerabilities - experts say that everyday Internet users should probably just disable Java entirely. Like, right now.

"Java has been the most exploited program for well over a year now and it simply isn’t worth the risk," Chet Wisniewski of the security firm Sophos told me in an email. "I would recommend removing Java entirely, if you can."

That’s not as problematic as it might sound. Java is not as popular on websites as it once was, and the average browser will rarely run across it, Wisniewski says.
.....
For those who can’t live without Java, Wisniewski’s blog post at Naked Security offers a few other suggestions.
One final point: This flaw does not appear to affect the previous version of Java (Version 6, aka 1.6), which is the default on most Macs. So while Mac users are theoretically as vulnerable as Windows users, only those who have specifically installed Java 1.7 should be at risk.




My System SpecsSystem Spec
.

19 Sep 2012   #2

x64 (6.3.9600) Win8.1 Pro & soon dual boot x64 (6.1.7601) Win7_SP1 HomePrem
 
 

I uninstalled Java v1.7 downloaded but did not install v1.6.
Browser add-ons
IE9 - no problem
Mozilla 15 - javadeployment plugin shows up after Java uninstall. (C:\Windows\syswow64\npdeployJava1.dll)
---> must have been left over in my registry before I learned more about 32/64 versions (64 bit java only for 64 bit browsers). I renamed it to npdeployJava1.dl0 and cCleaned the registry - only for Java entries (program - not javascript).

While I was at it, I updated OpenOffice to see how it would work without Java. Seems to be ok, but I haven't done much other than open a few Calc and Write files.

If other apps run fine without Java, I'll leave it off.

Side note: I read a discussion about OpenOffice and LibreOffice - seems as though they're the same base (sort of). Oracle donated OpenOffice to Apache - some folks left OpenOffice before that and started LibreOffice, essentially using the same base code (Novell OpenOffice). We'll see how this all plays out.
My System SpecsSystem Spec
19 Sep 2012   #3

Desk1 8 Pro / Desk2 7 Home Prem / Laptop 8.1 Pro all 64bit
 
 

Hello Slartybart I saw an alert for this in How to Geek this morning plus my Kaspersky is now flashing up alerts for legal software that can be used by crims.
My System SpecsSystem Spec
.


19 Sep 2012   #4

Windows 7 Pro. 64/SP-1
 
 

Well removed Java quiet awhile ago and haven't had any problems either. Java has been attacked a lot recently.
My System SpecsSystem Spec
19 Sep 2012   #5

Desk1 8 Pro / Desk2 7 Home Prem / Laptop 8.1 Pro all 64bit
 
 

Quote   Quote: Originally Posted by Layback Bear View Post
Well removed Java quiet awhile ago and haven't had any problems either. Java has been attacked a lot recently.
Hiyya LB so I have got it right - you removed everything? as I sometimes get stuff that says I need Java to run it can't think of one off the top of my head but is there on occasions.
My System SpecsSystem Spec
19 Sep 2012   #6

Windows 7 Pro. 64/SP-1
 
 

Yes I did. If down the road I need Java for something I'm doing I will just install the newest versions. In the mean time I don't need it and it's being attacked quiet often.
Their are some programs out there that need it and people just have to check Java for updates at least once a day.
My System SpecsSystem Spec
19 Sep 2012   #7

Desk1 8 Pro / Desk2 7 Home Prem / Laptop 8.1 Pro all 64bit
 
 

Thanks Layback Bear I might just uninstall my self and maybe reinstall as that would the latest updates at least one would hope. Mind you I might just try the watch and wait approach.
My System SpecsSystem Spec
19 Sep 2012   #8

Windows 7 Pro. 64/SP-1
 
 

Just make sure when and if you decide to install or update Java you use their website. The people attaching Java know people are looking for updates and could put false updates out their on normally good websits.
My System SpecsSystem Spec
19 Sep 2012   #9

Desk1 8 Pro / Desk2 7 Home Prem / Laptop 8.1 Pro all 64bit
 
 

Ok mate I usually do from their website but I do know what you mean - I had a scam tried on me recently that had a genuine looking PayPal invoice.

If the fellow had not been so greedy and the grammar a tad better plus the fool at the finish wanted a deal that well you would have to be mad to agree to I might have been a few hundred $'s lighter now
My System SpecsSystem Spec
20 Sep 2012   #10

x64 (6.3.9600) Win8.1 Pro & soon dual boot x64 (6.1.7601) Win7_SP1 HomePrem
 
 

Umm, according to what I've read - the latest version IS the problem.

Java 1.6 does not appear to have the vulnerability. Of course you should verify that with your own trusted sources.
Quote   Quote: Originally Posted by Slartybart View Post
Why you should probably disable Java now
By Will Oremus, Slate - 9/1/201
.....
One final point: This flaw does not appear to affect the previous version of Java (Version 6, aka 1.6), which is the default on most Macs. So while Mac users are theoretically as vulnerable as Windows users, only those who have specifically installed Java 1.7 should be at risk.


All day and not one application complained about Java missing. I do recall some apps used to require it (OpenOffice and perhaps Taxcut) - but oOffice is fine. I also changed the configuration - unticked the "Use JRE" box (on the Java sub menu).
My System SpecsSystem Spec
Reply

 Java 1.7 Security




Thread Tools




Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 06:13 PM.
Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App
  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33