abarbarian Posted September 26, 2012 Share Posted September 26, 2012 http://arstechnica.com/security/2012/09/yet-another-java-flaw-allows-complete-bypass-of-security-sandbox/ Researchers have discovered a Java flaw that would let hackers bypass critical security measures in all recent versions of the software. The flaw was announced today by Security Explorations, the same team that recently found a security hole in Java SE 7 letting attackers take complete control of PCs. But this latest exploit affects Java SE 5, 6, and 7—the last eight years worth of Java software. Gowdiak and his team have found a total of 50 Java flaws. While this latest one apparently isn’t being exploited in the wild yet, another that was being exploited was patched by Oracle last month, reportedly four months after Oracle learned of the vulnerability. We asked Oracle for comment this afternoon and have not heard back yet. Quote Link to comment Share on other sites More sharing options...
V.T. Eric Layton Posted September 27, 2012 Share Posted September 27, 2012 Time to fix it, I guess. Huh? Quote Link to comment Share on other sites More sharing options...
Guest LilBambi Posted September 27, 2012 Share Posted September 27, 2012 Oracle really needs to get rolling on being proactive on this type of thing instead of reactive. There are way too many commercial programs and other programs too that use Java to throw it away because of repeated vulnerabilities like this. Quote Link to comment Share on other sites More sharing options...
Corrine Posted September 27, 2012 Share Posted September 27, 2012 I haven't missed having Java on my computer. I removed it well over two years ago and have yet run into a program or website that needed it. Quote Link to comment Share on other sites More sharing options...
ross549 Posted September 28, 2012 Share Posted September 28, 2012 I need java for LogMeIn, but that's about it. Adam Quote Link to comment Share on other sites More sharing options...
Guest LilBambi Posted September 28, 2012 Share Posted September 28, 2012 There are quite a few programs out there similar to LogMeIn that use Java too including GoToAssist/Citrix. Plus the military could do better than requiring users to run an older version for a site the user has no control over. Additional information regarding accessing myInvoice: Java 7 does not currently work with Oracle Forms and Reports, so a high version of Java 6 is required ... I am not going to post the link but that's not good at all. Quote Link to comment Share on other sites More sharing options...
V.T. Eric Layton Posted September 28, 2012 Share Posted September 28, 2012 I need java every morning... sometimes, in the afternoon, too. Quote Link to comment Share on other sites More sharing options...
zlim Posted September 29, 2012 Share Posted September 29, 2012 (edited) Unfortunately OpenOffice needs Java; not surprising when you know they are both Oracle products. LibreOffice needs it too but they are going to do away with Java in the next version. Currently only the database part, I think requires it. Edited September 29, 2012 by zlim Quote Link to comment Share on other sites More sharing options...
ross549 Posted September 29, 2012 Share Posted September 29, 2012 That is excellent.... because Java made it slow as molasses flowing uphill in January. Quote Link to comment Share on other sites More sharing options...
Guest LilBambi Posted September 30, 2012 Share Posted September 30, 2012 I am sure LibreOffice also uses it and I definitely use that. It is an excellent thing that LibreOffice is moving away from Java. But there are still many things that need it. I bet there are still many medical programs that are using an ANCIENT version of Java too. Quote Link to comment Share on other sites More sharing options...
mac Posted September 30, 2012 Share Posted September 30, 2012 NWS radar is one that I use regularly that runs on Java. Quote Link to comment Share on other sites More sharing options...
Guest LilBambi Posted September 30, 2012 Share Posted September 30, 2012 Yes, they used to use java for that, but didn't they move to Flash? Pretty sure they did. Which I thought was so silly when they first did that because Flash isn't much better. Quote Link to comment Share on other sites More sharing options...
mac Posted October 1, 2012 Share Posted October 1, 2012 Yes, they used to use java for that, but didn't they move to Flash? Pretty sure they did. Which I thought was so silly when they first did that because Flash isn't much better. Whoops, you're correct. They switched to Flash. My bad. Quote Link to comment Share on other sites More sharing options...
Corrine Posted October 3, 2012 Share Posted October 3, 2012 At least Adobe updates Flash Player faster than Oracle addresses Java issues. Quote Link to comment Share on other sites More sharing options...
zlim Posted October 3, 2012 Share Posted October 3, 2012 Flash is also a lot easier to turn off and on when you need to use it briefly. Too bad there is not a site by site java turn on tool. :'( I haven't gone to the site I use that requires java. Quote Link to comment Share on other sites More sharing options...
zlim Posted October 4, 2012 Share Posted October 4, 2012 Only temmu could come up with an answer like that! Quote Link to comment Share on other sites More sharing options...
Guest LilBambi Posted October 6, 2012 Share Posted October 6, 2012 So true! Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.