java 7 Update 11 Zero-Day Exploit Sold for $5,000 on Underground Market

Discussion in 'Software for Windows' started by hclarkjr, Jan 16, 2013.

  1. Loading...

    Similar Threads - java Update Zero Forum Date
    Java 8 Update 144 is now out Software for Windows Aug 1, 2017
    Java 8 Update 121 is out Software for Windows Jan 20, 2017
    Java 8 Update 71 ... Now Update 73 2-6-16 Software for Windows Jan 21, 2016
    Java 8 Update 45 Software for Windows Apr 14, 2015
    Java 8 Update 25 Software for Windows Oct 17, 2014

  2. MontyAC

    MontyAC Diamond Member

    Joined:
    Feb 28, 2004
    Messages:
    4,124
    Likes Received:
    0
    Good thing I disabled this on my systems.
     
  3. sm625

    sm625 Diamond Member

    Joined:
    May 6, 2011
    Messages:
    8,175
    Likes Received:
    134
    Why doesnt oracle just buy these on the underground market? It costs them one hell of a lot more than $5k to fix each one of these problems, so they're paying the ransom either way.
     
  4. bruceb

    bruceb Diamond Member

    Joined:
    Aug 20, 2004
    Messages:
    8,478
    Likes Received:
    51
    Here we go again. I wonder when the web browsers, like Firefox will be able to display web pages that used to need Java, internally in the browser, in total safety (if that is doable)
     
  5. Ken g6

    Ken g6 Programming Moderator, Elite Member
    Moderator

    Joined:
    Dec 11, 1999
    Messages:
    12,961
    Likes Received:
    434
    Well, Doppio looks interesting. It's a Java Virtual Machine implemented in JavaScript. :)
     
  6. lamedude

    lamedude Golden Member

    Joined:
    Jan 14, 2011
    Messages:
    1,193
    Likes Received:
    3
    I suppose you could integrate OpenJDK into the browser but who still uses Java applets. Oracle should not install the browser plugins by default since Minecraft is the only reason a lot of people need Java anymore.
     
  7. bruceb

    bruceb Diamond Member

    Joined:
    Aug 20, 2004
    Messages:
    8,478
    Likes Received:
    51
    Some game sites, like certain games on Thinks.com and also on Bestcrosswords.com use Java to display the interactive puzzles.
     
  8. lxskllr

    lxskllr Lifer

    Joined:
    Nov 30, 2004
    Messages:
    47,431
    Likes Received:
    1,073
    I think that has the same vulnerabilities as Oracle Java. You may luck into missing a specific exploit, but they're very close, so an exploit of one will likely affect the other.
     
  9. pyonir

    pyonir Lifer

    Joined:
    Dec 18, 2001
    Messages:
    40,862
    Likes Received:
    303
    I spend some time on pogo.com and they use Java for their games. I removed Java from one of my systems, but the other still has it because I use that one on pogo. It's a pain in the ass.