Operating Systems and Software

RE: Billions of Computers Compromised in Zero Day Java Exploit

MSaxena — Wed, 10 Oct 2012 11:24:36 GMT

i really like that you are giving information on core and advance java concepts. i found your information very helpful indeed.thanks for it.

RE: Billions of Computers Compromised in Zero Day Java Exploit

fat78 — Mon, 01 Oct 2012 14:40:59 GMT

I think he means that he only installs adobe in sandbox, and doesn't install java at all.

RE: Billions of Computers Compromised in Zero Day Java Exploit

3vi1 — Fri, 28 Sep 2012 23:51:16 GMT

> This crap will never quit.

True dat, reilneil. If not a pre-req for my kids to run Minecraft, I would have uninstalled Java from every machine in my house long ago.

When I write software, I try to make it cross-platform, but I never even consider writing it in Java anymore.

Why is it that everything Oracle touches turns to crap? And could I get some people working on some open-source USB extensions for an open-source version of VirtualBox please?

P.S.: Love the Dr. Evil icon Paul!

RE: Billions of Computers Compromised in Zero Day Java Exploit

realneil — Fri, 28 Sep 2012 11:31:14 GMT

JOMA:
I never, ever install Java on any systems. It's just not worth the risk. I don't even install Adobe products except on virtual machines that use Sandbox software.

That may not be enough protection if I'm reading the article right,.......

" It's an especially nasty bug that would allow an attacker to worm his way out of the confines of a sandbox, where normally users' main systems are safe from what takes place inside the Virtual Machine."

This negates the whole idea behind using a sandbox for protection.

RE: Billions of Computers Compromised in Zero Day Java Exploit

JOMA — Fri, 28 Sep 2012 11:16:52 GMT

I never, ever install Java on any systems. It's just not worth the risk. I don't even install Adobe products except on virtual machines that use Sandbox software.

RE: Billions of Computers Compromised in Zero Day Java Exploit

Super Dave — Fri, 28 Sep 2012 07:46:05 GMT

thunderdan602:
would this exploit affect a machine running a 64 bit OS?

Both 32 and 64-bit systems are affected, Dan.

RE: Billions of Computers Compromised in Zero Day Java Exploit

realneil — Fri, 28 Sep 2012 00:55:06 GMT

This crap will never quit.

RE: Billions of Computers Compromised in Zero Day Java Exploit

thunderdan602 — Fri, 28 Sep 2012 00:20:50 GMT

I am no software expert, but would this exploit affect a machine running a 64 bit OS? And also, how can a person find out if their affected and if so, how to fix it.

Billions of Computers Compromised in Zero Day Java Exploit

News — Thu, 27 Sep 2012 13:47:00 GMT

Tread carefully on the Internet, surf ninja. That's always sound advice, but it's especially important now to be extra cautious, particularly if you use Java. Researchers at Security Explorations discovered a zero-day exploit in multiple versions of Java that could affect over a billion PCs around the globe.

Technical details of the exploit are still being withheld, but what we do know is that it affects Java Standard Edition (SE) versions 5, 6, and 7. It's an especially nasty bug that would allow an attacker to worm his way out of the confines of a sandbox, where normally users' main systems are safe from what takes place inside the Virtual Machine.

Security Explorations said it conducted successful tests of the exploit on Java SE 5 Update 22, Java SE 6 Update 35, and Java SE 7 Update 7, all using a fully patched install of Windows 7 32-bit and on nearly half a dozen web browsers, including Firefox 15.0.1, Google Chrome 21.0.1180.89, Internet Explorer 9.0.8112.16421 (update 9.0.10), Opera 12.02 (build 1578), and Safari 5.1.7 (3534.57.2).

"We hope that a news about one billion users of Oracle Java SE software being vulnerable to yet another security flaw is not gonna spoil the taste of Larry Ellison's morning...Java," quipped Adam Gowdiak, CEO of Security Explorations.

Zing!