Concerning free software, programming, and whatever else I find interesting. Also the blog for my Web site, frigidcode.com.
People are still using Java...?!
Posted 09-02-2012 at 12:03 AM by hydraMax
Tags proprietary software, security
I thought a few lines from this last report about a Java vulnerability were rather humorous:
http://www.theregister.co.uk/2012/08..._patched_java/
http://www.theregister.co.uk/2012/08..._patched_java/
Quote:
Security Explorations, the Polish security startup that discovered the Java SE 7 vulnerabilities that have been the targets of recent web-based exploits, has spotted a new flaw that affects the patched version of Java released this Thursday....
As in the case of the earlier vulnerabilities, Gowdiak says, this flaw allows an attacker to bypass the Java security sandbox completely, making it possible to install malware or execute malicious code on affected systems....
Assuming Oracle does agree that the flaw exists, however, when it will be patched is anybody's guess. The next scheduled Java Critical Patch Update (CPU) isn't due until October 16 – and when Oracle released its last Java CPU in June, it had only patched two of the 31 flaws Security Explorations reported in April....
For the time being, given the apparent similarity of this flaw to the ones previously reported, users are advised to either disable Java in their browsers or uninstall it completely...
As in the case of the earlier vulnerabilities, Gowdiak says, this flaw allows an attacker to bypass the Java security sandbox completely, making it possible to install malware or execute malicious code on affected systems....
Assuming Oracle does agree that the flaw exists, however, when it will be patched is anybody's guess. The next scheduled Java Critical Patch Update (CPU) isn't due until October 16 – and when Oracle released its last Java CPU in June, it had only patched two of the 31 flaws Security Explorations reported in April....
For the time being, given the apparent similarity of this flaw to the ones previously reported, users are advised to either disable Java in their browsers or uninstall it completely...
Total Comments 1
Comments
-
wahahah!!! that was bad!!! ww epic fail sure
Posted 09-02-2012 at 02:31 PM by Web31337