Do any of you regularly visit a site that requires Java to be installed on your computer?
I was reading through some tech blogs a few days ago and heard about a new Java 0day exploit. Malicious websites are already using this exploit to compromise computers.
Naturally I hurried to disable the Java browser-plugin for my browser. I'm not sure why I had it installed in the first place. Which sites even use Java applets nowadays?
Anyway, If you're reading this thread, chances are:
I suggest you all disable Java or update it as soon as possible. Since I don't ever interact with a Java applet, I've disabled the Java browser plugin indefinitely.
PS: The update apparently also has an exploit in it that allows for sandbox bypass (which isn't being exploited...yet). Oracle's programmers clearly can't be trusted to code a secure sandbox environment.
Unless you're one of the few who regularly interacts with a Java applet; you should disable the browser plug-in permanently or enable it only for specific websites.
Edit By JmZ:
If you are using chrome ignore this warning completely, chrome disables java by default, do not worry, do not panic, do nothing.
I was reading through some tech blogs a few days ago and heard about a new Java 0day exploit. Malicious websites are already using this exploit to compromise computers.
Naturally I hurried to disable the Java browser-plugin for my browser. I'm not sure why I had it installed in the first place. Which sites even use Java applets nowadays?
Anyway, If you're reading this thread, chances are:
- You're running a vulnerable version of Java
- You have the Java browser-plugin installed
- Your anti-virus won't be able to do much against most of these new backdoors (modified to avoid signature detection by AV's)
I suggest you all disable Java or update it as soon as possible. Since I don't ever interact with a Java applet, I've disabled the Java browser plugin indefinitely.
PS: The update apparently also has an exploit in it that allows for sandbox bypass (which isn't being exploited...yet). Oracle's programmers clearly can't be trusted to code a secure sandbox environment.
Unless you're one of the few who regularly interacts with a Java applet; you should disable the browser plug-in permanently or enable it only for specific websites.
Edit By JmZ:
If you are using chrome ignore this warning completely, chrome disables java by default, do not worry, do not panic, do nothing.