|
|
 |
|
|
Pages: 1
Java flaw could lead to Windows, Linux attacks
(Click here to view the original thread with full colors/images)
Posted by: Ion Silverbolt
Cnet news has some info about a Java flaw that affects any browser using Java.
The Java plug-in enables small Web programs, known as applets, to run safely on a user's computer. But the security flaw allows a malicious Web site accessed through a victim's browser to bypass those protections.
"It allows execution of attacker-supplied code without user interaction (apart from viewing a Web page) which usually means a 'critical' classification," Pynonnen stated in an e-mail interview with CNET News.com.
"The same exploit could also be used against various operating systems and browsers, which makes it more serious," he added. The vulnerability can be used to attack systems running on Windows or Linux, for example, and using major browser software such as Microsoft's Internet Explorer and Firefox--meaning a large number of systems are vulnerable to attack.
An attacker could use the flaw to do anything the victim normally could, including browse, modify or run files, upload more programs to the victim's system, or send out data from the system, Pynnonen wrote in an advisory dated Tuesday.
**UPDATE** While the flaw was just reported today, the latest version of Java is protected from this vulnerability. Grab the update and read about it here if necessary.
http://sunsolve.sun.com/search/docu...ey=1-26-57591-1
Posted by: Ion Silverbolt
I don't see this threat as being serious for Linux. Unless you surf the net as a root user. Which no one does.
Posted by: taco_fox
oh good.
What are the benefits of Java again?
Posted by: Ion Silverbolt
 Quote:
|
Originally Posted by taco_fox
oh good.
What are the benefits of Java again?
|
Yahoo chatrooms I guess.
Posted by: INeedHelp
What are the steps I need to take to ensure that I do not get attacked? Should I uninstall Sun Microsystems Virtual Java Machine from my computer? Thank you.
Posted by: Ion Silverbolt
You should be able to disable Java from within the browser settings. There's a setting for Java and Javascript in the preferences in Firefox. Some web pages might not work right with it disabled, but I haven't found any worthwhile ones that depend on it either. The one I do online banking has it, but it's just for a retarded banner. And the site still works for the important stuff I need to do.
Posted by: Ion Silverbolt
Check the first post, the updated Java fixes the vulnerability.
|
|
|
|
|
