Java vulnerability in web browsers
8 views
Skip to first unread message
Dennis Piechota
Jan 13, 2013, 6:38:21 AM1/13/13
to RTI_...@googlegroups.com
For those of us interested in posting PTMs to websites using Java comes this setback:
Read more at:
http://www.politico.com/story/2013/01/feds-issue-warning-on-java-security-86090.html
The U.S. Department of Homeland Security is recommending that internet users
disable Java in their Web browsers after pinpointing vulnerability in the Oracle software.
According to a Thursday afternoon post on the U.S. Computer Emergency
Readiness Team’s website [http://www.kb.cert.org/vuls/id/625617], Java
7 Update 10 and earlier could allow a remote user to “execute
arbitrary code on vulnerable systems,” putting it at risk for malware.
A cyberattacker could exploit the risk to either direct a user to
visit a website that would download malicious software to their
computer or to access a legitimate website and compromise it with a
malicious applet (a “drive-by download”), CERT said....
Dormann said making matters worse is the fact that the vulnerability
is true for most operating systems, including Windows, OS X and Linux,
and browser-level protections will not work against it.
Read more at:
http://www.politico.com/story/2013/01/feds-issue-warning-on-java-security-86090.html
It is also recommended that Internet Explorer users use an alternate browser unless
you feel comfortable altering the registry. See:
http://www.kb.cert.org/vuls/id/636312#solution
Note: It's my understanding that while Java must be disabled Javascript can be
left enabled. This is good because it is required for Google Groups functioning and apparently is
http://www.kb.cert.org/vuls/id/636312#solution
Note: It's my understanding that while Java must be disabled Javascript can be
left enabled. This is good because it is required for Google Groups functioning and apparently is
not part of the current vulnerability.
If anyone has more accurate or uptodate info let us know.
Dennis
--
Dennis Piechota
Conservator
Fiske Center for Archaeological Research
UMass Boston
Office: 617-287-6829
--
Dennis Piechota
Conservator
Fiske Center for Archaeological Research
UMass Boston
Office: 617-287-6829
Leif Isaksen
Jan 13, 2013, 2:45:02 PM1/13/13
to rti_...@googlegroups.com
Thanks for the heads-up Dennis - that's a pretty big deal.
FWIW Javascript and Java are unrelated (despite the similar name) so
there should be no problems in continuing to run JS.
All the best
L.
> --
> Group website is: https://sites.google.com/site/buildrtis/
> ---
> You received this message because you are subscribed to the Google Groups
> "RTI_help" group.
> To post to this group, send email to rti_...@googlegroups.com.
> To unsubscribe from this group, send email to
> rti_help+u...@googlegroups.com.
>
>
FWIW Javascript and Java are unrelated (despite the similar name) so
there should be no problems in continuing to run JS.
All the best
L.
> Group website is: https://sites.google.com/site/buildrtis/
> ---
> You received this message because you are subscribed to the Google Groups
> "RTI_help" group.
> To post to this group, send email to rti_...@googlegroups.com.
> To unsubscribe from this group, send email to
> rti_help+u...@googlegroups.com.
>
>
Reply all
Reply to author
Forward
0 new messages