Have you disabled java on all your machines?

dvarian

Another day, another java exploit. A new browser based exploit apparently lets attackers execute arbitrary code on client systems, and there is no patch available. From what I've read, the vulnerability exists in JRE 1.7 or later, but 1.6 or earlier is ok. I didn't really see an option, and disabled Java on all of our machines (including Macs). Was this an overreaction on my part, or have you disabled Java as well?

Topic: Security
Answer this Question

Answers

2 total
jimlynch
Vote Up (9)

Yep, I don't really have much of a need for it on my Macs. So it's been disabled.

dthomas
Vote Up (8)

I haven't, but I guess I probably should.  http://www.theregister.co.uk/2012/08/27/disable_java_to_block_exploit/

Ask a question

Join Now or Sign In to ask a question.
Twitter's recently announced bug bounty program has helped the company identify and patch a serious vulnerability that could have potentially disrupted advertising on its platform.
After a one-week delay, Adobe Systems has released security updates for its Reader and Acrobat products to patch critical vulnerabilities that could lead to computers being compromised.
Yelp has agreed to pay US$450,000 to the U.S. Federal Trade Commission to settle charges that the company accepted registrations to its services from children under 13 through its apps.
Apple on Tuesday began offering an additional security protection for iCloud account users, a move the company made following the theft of nude photos from several celebrities' accounts last month.
Hackers purportedly representing Anonymous hit Boston Children's Hospital with phishing and DDoS attacks this spring. The hospital fought back with vigilance, internal transparency and some old-fashioned sneakernet. That – and a little bit of luck – kept patient data safe.
A Citadel variant has been used against several Middle Eastern petrochemical companies, marking the first time the financial malware has been found in targeted attacks against companies.
Hackers evaded security systems for a year-and-a-half at a hosting center that processed payment cards for Goodwill Industries, using the same type of malware that struck Target and other major retailers to steal card data, according to the charity's software vendor.
The U.S. Congress is unlikely to pass legislation to end the National Security Agency's widespread collection of U.S. telephone records before leaving Washington, D.C., on a two-month break.
Customers cringe every time they hear about a bank, retail or healthcare hack that puts personal or financial data at risk. Today's hackers are after much more that credit card numbers, though -- and most firms are powerless to stop them.
While the capability to remotely wipe data from lost or stolen mobile phones may help CIOs sleep at night, it may be an outdated approach to BYOD security.
Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

randomness