+ Follow This Topic
Results 1 to 5 of 5

Thread: Homeland Security warns to disable Java amid zero-day flaw

  1. 12-01-13, 10:16 AM #1
    AdminOnline's Avatar
    AdminOnline
    AdminOnline is offline Live with passion
    Country:
    Users Country Flag
    Join Date
    Sep 2001
    Gender
    Male
    Posts
    2,088

    Homeland Security warns to disable Java amid zero-day flaw

    The U.S. Department of Homeland Security is the latest body to warn users to disable Java software amid escalating concerns over a serious, exploitable vulnerability.

    The CERT Program has released Vulnerability Note VU#625617 to address a vulnerability in Oracle Java Runtime Environment (JRE) 7 and earlier that is currently being exploited in the wild. This vulnerability may allow an attacker to execute arbitrary code on vulnerable systems.

    US-CERT encourages users and administrators to review CERT Vulnerability Note VU#625617 and US-CERT Alert TA13-010A. Due to the number and severity of this and prior Java vulnerabilities, it is recommended that Java be disabled temporarily in web browsers as described in the "Solution" section of the US-CERT Alert and in the Oracle Technical Note "Setting the Security Level of the Java Client."

    For firefox user,
    To disable java platform TM from firefox, go to 'firefox' > addon > plugins . Click on disable firefox.
    "Invest wisely and have money work hard for you"
  2. 12-01-13, 10:22 AM #2
    Love'sReject's Avatar
    Love'sReject
    Love'sReject is offline Registered User
    Country:
    Users Country Flag
    Join Date
    Dec 2011
    Gender
    Male
    Posts
    5,006
    Thanks, LA!

    Here's a snippet from an article that I think deserves to be placed here for forum members' sakes:

    "In addition, Mountain View, Calif.-based Mozilla said in a blog post that it has begun blocking Java on its Firefox browser unless someone clicks on a feature to activate the software. The click-to-play feature “allows users to enable the Java plugin on a per-site basis if they absolutely need the Java plugin for the site,” the blog said."

    So, provided that you're using Firefox and not the highly vulnerable IE then Mozilla seems to have it covered..
  3. 13-01-13, 08:18 AM #3
    KingZ's Avatar
    KingZ
    KingZ is offline N/A
    Country:
    Users Country Flag
    Join Date
    Nov 2010
    Gender
    Female
    Location
    Democratic People's Republic of Korea
    Posts
    1,856
    That's cute! The NSA spends our money figuring out ways to breaking our shit, and the DHS spends our money telling us to watch out.
  4. 13-01-13, 08:28 AM #4
    Love'sReject's Avatar
    Love'sReject
    Love'sReject is offline Registered User
    Country:
    Users Country Flag
    Join Date
    Dec 2011
    Gender
    Male
    Posts
    5,006
    King, what conspiracy hypothesis are you suggesting now?
  5. 13-01-13, 09:29 PM #5
    KingZ's Avatar
    KingZ
    KingZ is offline N/A
    Country:
    Users Country Flag
    Join Date
    Nov 2010
    Gender
    Female
    Location
    Democratic People's Republic of Korea
    Posts
    1,856
    Not that the NSA had anything to do with these Java vulnerabilities, but:

    http://en.wikipedia.org/wiki/National_Security_Agency#Domestic_activity

    http://en.wikipedia.org/wiki/NSA_warrantless_surveillance_controversy

    naamean?

Similar Threads

  1. BBC News : Minister 'to sue Homeland makers'
    By loveforum in forum Relationship News
    Replies: 0
    Last Post: 19-10-12, 05:20 PM
  2. Anyone know Java?
    By Mish in forum Off Topic Discussion
    Replies: 4
    Last Post: 26-05-09, 07:49 AM
  3. java junkies
    By misombra in forum Off Topic Discussion
    Replies: 1
    Last Post: 08-02-05, 12:09 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules