Java 7 security hole

#1 Edited by WarlockEngineerMoreDakka (425 posts) - 8 months, 22 days ago

Was just wondering if anyone was aware of this news that started flying around today:

http://krebsonsecurity.com/2012/08/attackers-pounce-on-zero-day-java-exploit/

The reason this security hole is so notable is that pretty much every OS and browser that uses Java 7 is supposedly targetable. (There have been varying reports on how successful it is against Chrome though)

So if you have the latest version of Java 7- you'll probably want to disable Java until Oracle gets a security update out- or downgrade to an older version like Java 6.

..... And Oracle doesn't exactly have the best track record with being timely on updates. -_- (Unless they get enough pressure, the security update probably won't come until October due to Oracle's updating schedule)

#2 Posted by TyCobb (1011 posts) - 8 months, 22 days ago

Yay.... fucking Java. I get that it is platform independent blah blah, but I fucking hate it. Hate the gimped language and hate that there are always security holes. It is as bad as Flash.

#3 Posted by CosmicBatman (315 posts) - 8 months, 22 days ago

Is Java even used much anymore?

#4 Edited by TyCobb (1011 posts) - 8 months, 22 days ago

@CosmicBatman said:

Is Java even used much anymore?

It sure is. All over the place.

  • Minecraft
  • Android Apps are programmed in Java and then compiled/ran from the Dalvik VM.
  • LOTS of web sites run off of Java
  • Tons of programs that want to be platform independent.
  • Gaikai uses Java to stream game demos to the browser.
  • And a lot more stuff you or I didn't realize used Java.
  • Blu-Ray runs off Java
#5 Posted by CosmicBatman (315 posts) - 8 months, 22 days ago

Ya, I was thinking of Minecraft after I posted this. I didn't realize Blu-Ray used Java as well.

#6 Posted by AlisterCat (5023 posts) - 8 months, 22 days ago

Aren't there a load of security holes in every version of Java? Not that this news should be downplayed. New exploits are bad for everyone.

#7 Posted by Village_Guy (2091 posts) - 8 months, 22 days ago

Oh my... This doesn't bode well, unless it gets fixed soon.

If they don't, well...

#8 Edited by WarlockEngineerMoreDakka (425 posts) - 8 months, 22 days ago

@AlisterCat said:

Aren't there a load of security holes in every version of Java? Not that this news should be downplayed. New exploits are bad for everyone.

Yes- the prospect of Java having security holes is nothing new... It's just that this is the most major security hole Java's had for quite a while.

#9 Posted by LordAndrew (13812 posts) - 8 months, 22 days ago

I don't know, seems every week there's a new Java vulnerability.

Please Log In

Use your keyboard!

  • ESC