JAVA 7 Vulnerability

  • sherma
  • Silver Member
  • Silver Member
  • User avatar
  • Posts: 127

Post 3+ Months Ago

(not sure where this should go since it's not really a website security only issue?)

Can someone explain to me exactly what is going on with it?
(I'm not a Java coder) but from what I understand, during the installation of the new version, it tests the existing Security Manager in your browser or plugin to see if it is safe to replace it, but that 'test' can return an unsafe result which can cause the upgrade to install without a Security Manager being enabled at all?

Am I even close to understanding what the problem is?

Why is there no fix in sight?

http://www.kb.cert.org/vuls/id/625617
  • Anonymous
  • Bot
  • No Avatar
  • Posts: ?
  • Loc: Ozzuland
  • Status: Online

Post 3+ Months Ago

  • Bigwebmaster
  • Site Admin
  • Site Admin
  • User avatar
  • Posts: 9074
  • Loc: Seattle, WA & Phoenix, AZ

Post 3+ Months Ago

From what I see there is a fix now, its possible the fix was not there when you posted this, however, hopefully you have upgraded by now.
  • spork
  • Brewmaster
  • Silver Member
  • User avatar
  • Posts: 6229
  • Loc: Seattle, WA

Post 3+ Months Ago

They released a patch recently to temporarily "solve" the problem, but a true fix for the underlying issues in this version of Java might take a bit more time to fix.
  • Bigwebmaster
  • Site Admin
  • Site Admin
  • User avatar
  • Posts: 9074
  • Loc: Seattle, WA & Phoenix, AZ

Post 3+ Months Ago

I would just uninstall Java, but unfortunately I need Java for a few of the programs I run such as Eclipse, so was looking into this and it looks like with the latest version of Java you can disable Java in all of your browsers easily, and change the security level. Here is a link that explains much of the Java Control Panel:

http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/jcp.html

and here is their image that shows the security tab:

Image

Also if you are unsure on how to get to the Java Control Panel in Windows, simply goto your start menu, then control panel, then click on Java.

Post Information

  • Total Posts in this topic: 4 posts
  • Users browsing this forum: No registered users and 31 guests
  • You cannot post new topics in this forum
  • You cannot reply to topics in this forum
  • You cannot edit your posts in this forum
  • You cannot delete your posts in this forum
  • You cannot post attachments in this forum
 
 

© 1998-2014. Ozzu® is a registered trademark of Unmelted, LLC.