Results 1 to 6 of 6

Thread: News - Critical zero-day Java vulnerability discovered

  1. #1
    HEXUS.admin
    Join Date
    Apr 2005
    Posts
    28,686
    Thanks
    0
    Thanked
    1,859 times in 635 posts

    News - Critical zero-day Java vulnerability discovered

    Attacker could “view, change, or delete data with the privileges of a logged-on user”.
    Read more.

  2. #2
    Senior Member MrNeil's Avatar
    Join Date
    May 2012
    Location
    Here
    Posts
    544
    Thanks
    23
    Thanked
    53 times in 34 posts
    • MrNeil's system
      • Motherboard:
      • H370 Aorus
      • CPU:
      • Intel i5 8600k (1st intel ever in all my 16 years with AMD)
      • Memory:
      • 16gig G.Skill Trident Z 3200Mhz
      • Storage:
      • x2 Kingston 240GB HyperX SSDWD + 480gig evo 500GB Caviar Blue Hard
      • Graphics card(s):
      • Aorus RX580 8gig
      • PSU:
      • 850W EVGA SuperNOVA G2,
      • Case:
      • NZXT H440 STEEL Mid Tower
      • Operating System:
      • Window 10 64bit
      • Monitor(s):
      • AOC G2770PF 144Hz
      • Internet:
      • TalkyTalk 76mb

    Re: News - Critical zero-day Java vulnerability discovered

    i have just updated last night !!!

  3. #3
    Senior Member
    Join Date
    Jul 2008
    Posts
    343
    Thanks
    14
    Thanked
    9 times in 7 posts

    Re: News - Critical zero-day Java vulnerability discovered

    Another so soon? There was one last month! -.- Get it together chaps
    Also if we don't visit dodgey sites as a rule, we'll be fine?

  4. #4
    HEXUS.social member Agent's Avatar
    Join Date
    Jul 2003
    Location
    Internet
    Posts
    19,158
    Thanks
    732
    Thanked
    1,604 times in 1,043 posts

    Re: News - Critical zero-day Java vulnerability discovered

    We should have a news article when there isn't a daily Java exploit. Feels like it needs patching every day.
    Quote Originally Posted by Saracen View Post
    And by trying to force me to like small pants, they've alienated me.

  5. #5
    Not a good person scaryjim's Avatar
    Join Date
    Jan 2009
    Location
    Manchester
    Posts
    15,024
    Thanks
    1,192
    Thanked
    2,240 times in 1,843 posts
    • scaryjim's system
      • Motherboard:
      • Dell Inspiron
      • CPU:
      • Core i5 8250U
      • Memory:
      • 1x 8GB DDR4 2400
      • Storage:
      • 128GB M.2 SSD + 1TB HDD
      • Graphics card(s):
      • Radeon R5 230
      • PSU:
      • Battery/Dell brick
      • Case:
      • Dell Inspiron 5570
      • Operating System:
      • Windows 10
      • Monitor(s):
      • 15" 1080p laptop panel

    Re: News - Critical zero-day Java vulnerability discovered

    Feels like it tries to update every day as well

    AFAICT from the story you need to run a maliciously crafted java application (I don't think there are applets any more, since that part of the api got deprecated when I was learning java in 2005!) to be vulnerable, so as long as you've got sensible restrictions in place about what websites can run java and the sites you use are reasonably secure you should be alright. Not great though.

  6. #6
    Senior Member
    Join Date
    Jul 2004
    Location
    London
    Posts
    2,456
    Thanks
    100
    Thanked
    75 times in 51 posts
    • Mblaster's system
      • Motherboard:
      • ASUS PK5 Premium
      • CPU:
      • Intel i5 2500K
      • Memory:
      • 8gb DDR3
      • Storage:
      • Intel X25 SSD + WD 2TB HDD
      • Graphics card(s):
      • Nvidia GeForce GTX 570
      • PSU:
      • Corsair HX520
      • Case:
      • Antec P180
      • Operating System:
      • Windows 7 Professional x64
      • Monitor(s):
      • HP w2207 (22" wide)
      • Internet:
      • Rubbish ADSL

    Re: News - Critical zero-day Java vulnerability discovered

    Quote Originally Posted by scaryjim View Post
    Feels like it tries to update every day as well

    AFAICT from the story you need to run a maliciously crafted java application (I don't think there are applets any more, since that part of the api got deprecated when I was learning java in 2005!) to be vulnerable, so as long as you've got sensible restrictions in place about what websites can run java and the sites you use are reasonably secure you should be alright. Not great though.
    Java applets are not deprecated still in the API and supported by all the browsers, although they are rarely actually used these days.

    docs.oracle.com/javase/7/docs/api/java/applet/Applet.html

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •