No I'm not disabling Java. Even if this threat is real it's most likely intended to to target large corporations, not home users.
Disable Java NOW, users told, as 0-day exploit hits web
- Thread starter deathninja
- Start date
Recommended Videos
For Opera users go to Tools-Advanced-Plug Ins, then disable java from the list.
I use noscript,and I recommend you download it too, I think someone already posted a link.
http://noscript.net/
I use noscript,and I recommend you download it too, I think someone already posted a link.
http://noscript.net/
You wouldn't actually miss anything. Or at least it's extremely unlikely that you're visiting any websites that have Java applets. It's mostly used for interactive things on the webpage, however, Flash has largely overtaken that. There are still very few places that do have Java stuff on there, such as games (I know I've seen one website) but, as I said, it's sort of not common.Doclector said:
At any rate, you will notice if something is missing.
OT: Meh, I've had Java disabled for over a year now. As I said above, it's not like it's very common. And there was exactly one website that made me disable it - visiting always launched the JVM for some reason and it slowed stuff down. Aside from it, I've seen another 3-5 websites that I needed Java for but since I had QuckJava for Firefox, I can enable and disable Java (along with JavaScript, Flash, Silverlight, cookies, images, etc) with the press of a button. I'd suggest that addon or similar (Web Developer also has it), since it's just faster to toggle things on/off.
Yes, I'm sure malicious users would have the presence of mind to addcanadamus_prime said:
if (homeUser == true) {
System.exit(0)
} else {
// do damage
}
to any attack they try.
Yeah yeah point taken, but I'm still not going to freak out every time some piece of fear-mongering news comes floating across the web.DoPo said:
And here I am, proud to be a Linux user who doesn't have to give a flying about M$-executables and a plugin I only use in a development environment anyways! Wheeeeee =D
That said, I see I was ninja'd to "Java != JavaScript" already? ... Damn you, Internet.
That said, I see I was ninja'd to "Java != JavaScript" already? ... Damn you, Internet.
In my previous experiences with Java and Jscript, disabling the script alone in my browser did not prevent arbitrary code execution using Java.Imat said:
For my first semester of math at university, we needed to use a plugin for the learning/homework platform (MyMathLab) that used Java but not Jscript, and I was compromised by it through Java despite it being disabled.
If this exploit is only known for Jscript, then fine. Turn off Jscript.
Following that experience, I prefer to err on the side of caution with widespread exploits, especially when those who are responsible for patching it haven't said anything about the exploit or a possible fix.
To be fair, it's not like you are immediately and always a target if you have Java. You do have to visit a specific website, at least that's what the news says. It's more of a "you are potentially in danger, beware", so by being careful, you should be safe.canadamus_prime said:
I didn'tUNHchabo said:
I only use Java within a secluded development environment. On the very off chance that a Linux payload would be delivered, I still don't need to give a flying. Chances of me blowing up my own PC with code errors are higher than screwing it up with that loophole.
It's a Java exploit, not a JavaScript exploit. Simple as that.Atmos Duality said:
Doesn't mean JS isn't as prone to exploits, however, given the fact that most browsers run their plugins on JavaScript ...
Does this affect Chrome users as well? I'm not well versed in Java and all and I don't use FireFox cuz it was bought by Google anyway.
The article stated that it was ill-adviced to use older versions. As they may contain other bugs or exploitable weaknesses.Owyn_Merrilin said:
For those of you worried to play Minecraft, or any Java game for that matter, it won't effect anything if you don't play it directly from your browser, so if you play Minecraft, just download the .exe file and play from there (it's much better IMO).
Disable Java and keep playing your non-browser Java games without any worry.
(Goodbye Runescape, see you till october )
Disable Java and keep playing your non-browser Java games without any worry.
(Goodbye Runescape, see you till october
)
I run IcedTea, not the official JRE, so I'm pretty sure this doesn't affect me. I haven't done much research though, so feel free to correct me if I'm wrong about that.
That's pretty much always true, though. I think we can all agree that Java is as full of holes as a sieve, no matter what version you're on.Nikolaj Bilgrau said:The article stated that it was ill-adviced to use older versions. As they may contain other bugs or exploitable weaknesses.Owyn_Merrilin said:
I read this in Liquid Snake's voice2fish said: