Serious New Java Flaw Affects All Versions of Windows

Page 1 of 2 12 LastLast

  1. Posts : 268
    windows 7 ultimate 64 bit,Windows 7 ultimate 32 bit,Windows XP sp3 home
       #1

    Serious New Java Flaw Affects All Versions of Windows


    read here.....Serious New Java Flaw Affects All Current Versions of Windows | threatpost

    There is a serious vulnerability in Java that leaves users running any of the current versions of Windows open to simple Web-based attacks that could lead to a complete compromise of the affected system. Two separate researchers released information on the vulnerability on Friday, saying that it has been present in Java for years.

    The problem lies in the Java Web Start framework, a technology that Sun Microsystems developed to enable the simplified deployment of Java applications. In essence, the JavaWS technology fails to validate parameters passed to it from the command line, and attackers can control those parameters using specific HTML tags on a Web page, researcher Ruben Santamarta said in an advisory posted Friday morning.In short, if you have a recent version of Java running on a Windows machine, you're affected by this flaw.The workaround for this problem is to disable JavaWS and Javaws.exe, Santamarta said in his advisory
      My Computer


  2. Posts : 8,608
    Windows 7 Ultimate 32bit SP1
       #2

    Sun company is offering this very important link that allows users to run a quick scan to determine whether the Java environment installation is up to date.

    Update should be 6u19
      My Computer


  3. JMH
    Posts : 7,952
    Win 7 Ultimate 64-bit. SP1.
       #3

    Nifty Java bug could lead to attack.


    A Google researcher has published details of a Java virtual machine bug that could be used to run unauthorized programs on a computer.

    The attack was disclosed Friday by Google's Tavis Ormandy, who said he had notified Oracle's Sun team about the flaw earlier. "They informed me that they do not consider this vulnerability to be of high enough priority to break their quarterly patch cycle," Ormandy wrote. "I did not agree."

    Oracle declined to comment on the issue. The company just released a major Java update last week and its next set of patches is due in July.
    Source -
    Nifty Java bug could lead to attack - Computerworld
      My Computer


  4. Posts : 2,303
    Windows 7 & Windows Vista Ultimate
       #4

    The company just released a major Java update last week and its next set of patches is due in July.
    Bah! So I guess this means that Oracle isn't going to provide any better support for Java than Sun Microsystems did.
      My Computer


  5. Posts : 8,375
    W7 Ultimate x64/W10 Pro x64/W11 Pro Triple Boot - Main PC W7 Remote PC Micro ATX W7 Pro x64/W11 Pro
       #5

    Hopefully that offers a fix to the problem seen with previous versions. Another source had this title on on article. "Sun Java flaw exposes Windows users to dangerous Web attacks" Sun Java flaw exposes Windows users to dangerous Web attacks | Zero Day | ZDNet.com

    Just to add a note here for those running the 64bit IE you have to manually download the latest 64bit version of Java on the page seen at http://java.com/en/download/manual.jsp

    That will be the second link under Windows seen there.

    Windows 64-bit operating system comes with both 32-bit and 64-bit Internet Explorer (IE) browsers. 32-bit IE comes as a default. There are different versions of Java software available for download depending on whether you are using 32-bit or 64-bit IE browsers.

    Please note that the 64-bit Java is presented as a download option automatically for 64-bit Internet Explorer users, as it is the only officially available 64-bit browser for Windows.
    Installations page seen at http://java.com/en/download/faq/java_win64bit.xml
    Last edited by Night Hawk; 11 Apr 2010 at 20:42. Reason: Additional information
      My Computers


  6. JMH
    Posts : 7,952
    Win 7 Ultimate 64-bit. SP1.
       #6
      My Computer


  7. Posts : 2,127
    Windows XP - Now Windows 7 Home Premium (64-bit).
       #7

    Be careful also as when the Java update runs periodically, I've noticed it's asking to install the Yahoo toolbar by default.
      My Computer


  8. Posts : 18,404
    Windows 7 Ultimate x64 SP1
       #8

    The company just released a major Java update last week and its next set of patches is due in July.
    Apparently, doesn't seem to be the case.

    Java (JRE) 6 update 20 released
      My Computer


  9. Posts : 8,375
    W7 Ultimate x64/W10 Pro x64/W11 Pro Triple Boot - Main PC W7 Remote PC Micro ATX W7 Pro x64/W11 Pro
       #9

    manhunter2826 said:
    Be careful also as when the Java update runs periodically, I've noticed it's asking to install the Yahoo toolbar by default.
    Why? Don't you just love addon toolbars set to install automatically unless you uncheck the box?

    You'll find that annoyance quite often seen for Google as well as Yahoo toolbars. Here I run the AVG security bar due to the filtering potential that shows while running another AV program entirely.

    Most of these other toolbars other then the new Windows Live bar tend to leave you wide open for adwares and other things.

    Airbot said:
    The company just released a major Java update last week and its next set of patches is due in July.
    Apparently, doesn't seem to be the case.

    Java (JRE) 6 update 20 released
    Awwww gee Airbot I just went for the 6 update 19 last week now the 20?

    You may want to take a closer look on the Supported System Configurations page however to make you go for the correct one depending Java SE Development Kit(JDK), Java SE Envrionment(JRE), or Java For Business(JFB) as well as choosing between the 32bit and 64bit platforms. Supported System Configurations for Java SE 6 and Java For Business 6
      My Computers


  10. JMH
    Posts : 7,952
    Win 7 Ultimate 64-bit. SP1.
       #10
      My Computer


 
Page 1 of 2 12 LastLast

  Related Discussions
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 12:15.
Find Us