No announcement yet.

Java vulnerability with active exploit

  • Filter
  • Time
  • Show
Clear All
new posts

  • Java vulnerability with active exploit

    I was getting a popup from Firefox warning me that the "Java Deployment Toolkit" was being disabled because it had a known vulnerability. Some investigation revealed that Java doesn't remove old code (in case some old widget needs it for compatibility) and it doesn't update frequently so I'm likely to have the vulnerable code installed for quite some time.

    Here's a story about the active exploit taking advantage of this:

    The Firefox bug report, with lots of details:

    Information on uninstalling the old versions of Java:

    And then go back to the main Java home page to install the latest version, currently version 6 update 20:
    Dude, seriously, WHAT handkerchief?

    snooggums' density principal: "The more dense a population, the more dense a population."

    Iliana: "You're a great friend but if we're ever chased by zombies I'm tripping you."

  • #2
    Re: Java vulnerability with active exploit

    Hmm, something must be wrong on my end. I had the FF JDK disabled already and yet I just got a pop-up again telling me I should restart FF to disable it.

    Hmm, Update 20. Ack. I just installed JDK Update 19 the other day.
    |TG-18th| Acreo Aeneas
    TG World of Tanks Clan Executive Officer
    Former 9th & 13th

    Pronounciation: Eh-Cree-Oh Ah-Nay-Ess
    Still can't say it? Call me Acorn then. -.-

    SSDs I Own: Kingston HyperX 3K (240 GB), Samsung 840 Pro (256 GB), Samsung 840 EVO (250 GB), Samsung 840 x 2 (120 GB), Plextor M5S (120 GB), OCZ Vertex (30 GB)

    TG Primer and Rules


    • #3
      Re: Java vulnerability with active exploit

      Thanks for doing the legwork on this, ScratchMonkey! I need Java once in a blue moon, so I just disabled it in the browser and hoped it would go away. Your approach is better :)

      Who needs a life when you can have a heavy bolter?
      <23:03:38> "|TG|Smachin<BF Admin>" was kicked from the server by "|TG-70th| Zhohar" (UNDERAGE ban.)
      Anything over $600, and it would be pointless to try and reason with Grandma




      TeamSpeak 3 Server




      Twitter Feed