-
We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.
Have you disabled your Java?
Page 3 - Seeking answers? Join the AnandTech community: where nearly half-a-million members share solutions and discuss the latest tech.
PeeluckyDuckee
Diamond Member
My dlink web cam uses java and neither of the app under windows/osx work at the moment. My only access right now is through android app on my GNexus.
Safari runs like crap right now, not sure if it's related to Java at all, but I've never experienced such slow down prior to this week.
Safari runs like crap right now, not sure if it's related to Java at all, but I've never experienced such slow down prior to this week.
Last edited:
Wyndru
Diamond Member
So for this to actually be a risk, you have to have version 7 of Java installed and hit a website that has malicious code in it that will trigger java (not javascript), created by someone that has already started abusing this exploit discovered by a security firm on Friday?
Is this firm handing out the code to hackers or something?
Oh, nevermind, I read the metaslpoit post. I love how when this stuff hits the news, the exploit immediately becomes widely available, with screenshots and instructions on how to use it.
Is this firm handing out the code to hackers or something?
Oh, nevermind, I read the metaslpoit post. I love how when this stuff hits the news, the exploit immediately becomes widely available, with screenshots and instructions on how to use it.
Last edited:
mechBgon
Super Moderator<br>Elite Member
Kaspersky Lab said it's been in the wild since mid-December: http://www.securelist.com/en/blog/208194070/Java_0day_Mass_Exploit_Distribution
According to Immunity, version 6r10 and later are also affected, not just JRE 7: https://partners.immunityinc.com/idocs/Java MBeanInstantiator.findClass 0day Analysis.pdf (PDF).
Thanks for mentioning this, I will make sure nevar to buy a D-Link webcam without first making sure it's free of the Java prerequisite.
John Connor
Lifer
I have an add-on for Firefox called Quickjava and it allows me to disable Java when I'm not using it. I never keep it on unless I need it and that need is only for pingtest.net. I also use Noscript which not only will block Javascript, but Java unless I approve of it.
WT
Diamond Member
We spent a lot of time at work this week fixing a broken Java 7.10 deployment on teacher's laptops - its what runs the gradebook app. As of Friday it worked, and then I get home only to read that Java is now disabled within the supported browser.
Monday will be no fun at all I am sure ... this could get messy.
Monday will be no fun at all I am sure ... this could get messy.
RossMAN
Grand Nagus
Any idea if Foscam uses Java or not?
disappoint
Lifer
Java doesn't kill people, people kill Java.
FelixDeCat
Lifer
Scottrade requires JAVA for steaming quotes so its enabled for IE. All other sites are browsed with FF.
To be safe, its uninstalled for now until the update is available on Tuesday. I oversee several dollars and need access to Java so I can manipulate governments and people to serve my Machiavellian interests.
()🙂
To be safe, its uninstalled for now until the update is available on Tuesday. I oversee several dollars and need access to Java so I can manipulate governments and people to serve my Machiavellian interests.
()🙂
disappoint
Lifer
biostud
Lifer
FelixDeCat
Lifer
John Connor
Lifer
http://news.softpedia.com/news/Java...-for-5-000-on-Underground-Market-321702.shtml
Less than a week has passed since Oracle patched the vulnerability in Java 7 Update 10 and another zero-day exploit – which is said to work on Java 7 Update 11 – is already being sold on the cybercriminal underground market.
Brian Krebs, who came across an ad for the exploit on a hacker forum on Monday, reveals that the author had offered to sell it to two people for the price of $5,000 (3,750 EUR). The buyers were promised an “encrypted” and “weaponized” version of the exploit.
In the ad he posted, the seller claimed that the exploit was not integrated into any known crime kits, not even in the expensive Cool Exploit Kit.
According to Krebs, the cybercriminal most likely found buyers since the post was removed from the forum.
This shows that the US Department of Homeland Security is right to advise users to uninstall Java if they don’t need it for their everyday tasks.
In its advisory, the DHS has warned that Oracle might have addressed one issue, but some old vulnerabilities are still unfixed and security holes are identified in Java all the time.
Less than a week has passed since Oracle patched the vulnerability in Java 7 Update 10 and another zero-day exploit – which is said to work on Java 7 Update 11 – is already being sold on the cybercriminal underground market.
Brian Krebs, who came across an ad for the exploit on a hacker forum on Monday, reveals that the author had offered to sell it to two people for the price of $5,000 (3,750 EUR). The buyers were promised an “encrypted” and “weaponized” version of the exploit.
In the ad he posted, the seller claimed that the exploit was not integrated into any known crime kits, not even in the expensive Cool Exploit Kit.
According to Krebs, the cybercriminal most likely found buyers since the post was removed from the forum.
This shows that the US Department of Homeland Security is right to advise users to uninstall Java if they don’t need it for their everyday tasks.
In its advisory, the DHS has warned that Oracle might have addressed one issue, but some old vulnerabilities are still unfixed and security holes are identified in Java all the time.
John Connor
Lifer
That looks goooood. I want some! My damn espresso machine quit working for me the other day too. Off to eBay to find a replacement.
TRENDING THREADS
-
Discussion Zen 5 Speculation (EPYC Turin and Strix Point/Granite Ridge - Ryzen 9000)- Started by DisEnchantment
- Replies: 25K
-
Discussion Intel Meteor, Arrow, Lunar & Panther Lakes + WCL Discussion Threads
- Started by Tigerick
- Replies: 24K
-
Discussion Intel current and future Lakes & Rapids thread- Started by TheF34RChannel
- Replies: 24K
-
-
