Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: JAVA Exploit Remedy?


30 Oct 2012   #1

Windows XP Pro SP3, Windows 7 Pro 32-bit, Windows 7 Ultimate 64bit, Windows XP Home SP3
 
 
JAVA Exploit Remedy?

Scanning the web today [October 30] I still do not see a credible "all clear" signal regarding the JAVA exploit. This team came up with a patch:
Researcher Develops Patch for Java Zero-Day, Puts Pressure on Oracle to Deliver its Fix | threatpost
but I don't see affirmative Greenlight from the major 3rd party security firms.
And as the article clearly shows, its not foremost on Oracle's "do list" .

how are the big IT shops coping? Turning off all things Java?

My System SpecsSystem Spec
.

12 Jan 2013   #2

windows 7 home premium 32bit
 
 
Java Problems

I'd like more information on this JAVA problem too since I've been affected to the tune of 200 bucks for the DELL IT guys to remove the Trojan that was installed on my puter.

From what I've read, the security problem was only supposed to affect JAVA 7, but I had JAVA 6 before all of this bull. The only fix I've seen is to disable JAVA in your web browser.

I took it the next step.... I removed it from my puter!

I'd like to know if JAVA and ORACLE are going to have to pay for this? I wish I was puter savvy enough to remove Malware myself, but since I"m not, I had to get IT to do it. I wouldn't have needed to though, if JAVA wouldn't have had so many security holes in it.
My System SpecsSystem Spec
13 Jan 2013   #3

Windows 7 Professional 64-bit
 
 

Just disable or uninstall it, no one uses Java anyway
My System SpecsSystem Spec
.


14 Jan 2013   #4

W7 Pro SP1 64bit
 
 

Quote   Quote: Originally Posted by coderx37 View Post
I'd like more information on this JAVA problem too since I've been affected to the tune of 200 bucks for the DELL IT guys to remove the Trojan that was installed on my puter.

From what I've read, the security problem was only supposed to affect JAVA 7, but I had JAVA 6 before all of this bull. The only fix I've seen is to disable JAVA in your web browser.

I took it the next step.... I removed it from my puter!

I'd like to know if JAVA and ORACLE are going to have to pay for this? I wish I was puter savvy enough to remove Malware myself, but since I"m not, I had to get IT to do it. I wouldn't have needed to though, if JAVA wouldn't have had so many security holes in it.
Welcome to the Seven Forums.

You said, "I'd like more information on this JAVA problem". I've highlighted the word this because there is a lot that I could say about the particular flaw that has gotten a lot of press lately. The executive summary is: Java has had hundreds (okay, thousands) of flaws over the years. Oracle thought that it had fixed one particularly nasty flaw that was only in version 7 - it turns out that they only fixed one way of getting to the flawed code. The article mentioned in the original post of this thread does not seem to deal with that particular flaw.

If you had version 6 update (whatever), then you had flaws - just not the one getting a lot of press.

...and no, Oracle will not be paying $$$ for any damages incurred by their flawed code to users like yourself.


I use Java everyday inside a web browser.

I turn off the temp file storage:
Name:  java1.png
Views: 14
Size:  34.9 KB

I set the security to High:
Name:  java2.png
Views: 7
Size:  20.7 KB

And I see this when I visit a site that want to run Java stuff:
Name:  java3.png
Views: 7
Size:  16.8 KB
caveat: there may be an exploit that lets the bad guys run stuff without that popup showing

Even if I were to place a check mark by "Do not show this again....", I'll still see it again because I don't let it store the answer in the temp file area. This is the way that I want it to operate - I want a prompt for every website that wants to run Java stuff.

If you ever get infected again, visit these forums and let people try and walk you thru the cleanup.


My System SpecsSystem Spec
15 Jan 2013   #5

Microsoft Windows 8.1 Enterprise 64-bit
 
 

January 13, Krebs on Security – (International) Oracle ships critical security update for Java. Oracle released an update for Java to fix the recent critical vulnerability that allowed malware to exploit computers running the program. The update also increases the default security settings for running Java applications from ‘medium’ to ‘high.’ Source: Oracle Ships Critical Security Update for Java — Krebs on Security
My System SpecsSystem Spec
18 Jan 2013   #6

Microsoft Windows 8.1 Enterprise 64-bit
 
 

My System SpecsSystem Spec
18 Jan 2013   #7

Win 7 Ultimate 64 bit
 
 

I got rid of Java a long time ago. No more worries.
My System SpecsSystem Spec
18 Jan 2013   #8

Windows 7 Ultimate x64
 
 

read about it , as it was all in the news about disabling java in the browser .

Quote:
The U.S. Department of Homeland Security reiterated advice for computer users to disable Oracle Corp.'s widely used Java software for surfing the Web, saying it still poses risks to users after the company released an emergency update over the weekend.
"Unless it is absolutely necessary to run Java in Web browsers, disable it," the Department of Homeland Security's Computer Emergency Readiness Team said on Monday in a posting on its website.
My System SpecsSystem Spec
Reply

 JAVA Exploit Remedy?




Thread Tools




Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 06:24 PM.
Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App
  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33