Very few people actually use Java on a regular basis in terms of using the web browser so if you're dependent on Java to run installed programs on your machine (OpenOffice, LibreOffice, etc), you can just disable the browser plugins for Java. This exploit will blow past authentication (the part where Java will ask you about running this program before it does) so don't think that will save you. Since Java is cross-platform, Macs and Linux boxes are also vulnerable (I don't know if the OpenJDK variant on Linux holds the same vulnerability but it would be same to assume it does) so you'll have to secure your machines as well.
Your bitterness, I will dispel
TIER 7
Wrythe1985 posted on Aug 28, 2012 11:20:27 PM - Report post
Okay, dumb question. What's the difference between the enable Java option in the Firefox options menu and the Java console addon for Firefox? And which one is considered the "Java plugin"?
AUTHOR
Neo7 posted on Aug 29, 2012 4:21:36 PM - Report post
The Java Console is a developer's tool to assist with debugging Java applications within Firefox. If you don't do any kind of programming you can disable this to free up some resources used by Firefox. The other Java plug-in is the one you want to disable due to the security thing.
Your bitterness, I will dispel
AUTHOR
Neo7 posted on Aug 31, 2012 5:09:18 PM - Report post
Some additional information I got:
The previous version of JRE (Java SE 6 Update 35) is not affected by this exploit so if you absolutely need your Java or don't know how to disable plug-ins or want to be extra sure, you can uninstall Java 7 and install this version of JRE instead until Oracle can push out an update:
Important Board Topics
Trending Topics