Jump to content
Login new information ×
Login new information

Patch Java now, says Oracle. Leave the chocolate until later

steven36

By steven36
in Security & Privacy News

Recommended Posts

steven36

steven36

Posted
Posted

Malicious web page could achieve remote PC takeover without authentication

 

02r2MsV.jpg

 

Oracle is urging Java users to upgrade, ASAP, to crimp a very nasty bug in the desktop and browser plug-in versions of the software.

 

Labelled CVE-2016-0636, the flaw scored a 9.3 on the Common Vulnerability Scoring System bug severity rating.

 

That high score comes about because the flaw means attackers “can impact the availability, integrity, and confidentiality of the user's system.” Worse still, an attacker can do that remotely, without authentication.

 

In other words, visit the wrong web site with un-patched Java and there's a decent chance crims can rummage through your entire computer then hop onto your network. What happens next doesn't bear thinking about.

 

Big Red's posted an update version of Java, Java SE 8u77, here. Or you can trust to auto-updates on Windows.

 

Long story short: however you get the fix, get off Oracle Java SE 7 Update 97, and 8 Update 73 and 74, on Windows, Solaris, Linux, and Mac OS X.

 

And then go stuff yourself with Easter Eggs.

 

The Source

Link to comment
Share on other sites
  • Replies 2
  • Views 777
  • Created
  • Last Reply
straycat19

straycat19

Posted
Posted

When software becomes more vulnerable than useful then it has outlived its usefulness.  JAVA has reached that point years ago and yet we are still stuck with it.  Though HTML5 is supposed to do away with the need for JAVA it seems like the adoption process is really going very slowly.

Link to comment
Share on other sites
steven36

steven36

Posted
  • Author
Posted

In Firefox  they disable Java plugin by default  along  time ago  you had to enable it.  On x64 versions of Linux  we had x64 versions  of Firefox years before windows did. x64 Firefox  dont have the plugin at all  nether  does Google Chrome . Only I use Java  in Linux  for some 3 party programs  not my browser . I have programs Java free that replaces  these on windows  .Ive not installed Java  on windows in a very long time . Even before Firefox had x64 in windows i used Cyberfox  x64 and it didn't have it.   So its  not used by home users like it use to be anymore  . Its not needed at home much no websites runs  off of it anymore  that i use . :) 

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...