Results 1 to 6 of 6

Thread: News - Critical zero-day Java vulnerability discovered

  1. #1
    HEXUS.admin
    Join Date
    Apr 2005
    Posts
    31,709
    Thanks
    0
    Thanked
    2,073 times in 719 posts

    News - Critical zero-day Java vulnerability discovered

    Attacker could “view, change, or delete data with the privileges of a logged-on user”.
    Read more.

  2. #2
    Senior Member MrNeil's Avatar
    Join Date
    May 2012
    Location
    Here
    Posts
    559
    Thanks
    23
    Thanked
    63 times in 38 posts
    • MrNeil's system
      • Motherboard:
      • Gigabyte Z490 VISION G
      • CPU:
      • Intel i7 10700KF
      • Memory:
      • 16gig G.Skill Trident Z 3200Mhz
      • Storage:
      • x2 Kingston 240GB HyperX SSDWD + 480gig evo 500GB Caviar Blue Hard
      • Graphics card(s):
      • Vega 56 Red Dragon
      • PSU:
      • 850W EVGA SuperNOVA G2,
      • Case:
      • NZXT H440 STEEL Mid Tower
      • Operating System:
      • Window 10 64bit
      • Monitor(s):
      • AOC G2770PF 144Hz and a HP 27hq
      • Internet:
      • TalkyTalk 76mb

    Re: News - Critical zero-day Java vulnerability discovered

    i have just updated last night !!!

  3. #3
    Senior Member
    Join Date
    Jul 2008
    Posts
    343
    Thanks
    14
    Thanked
    9 times in 7 posts

    Re: News - Critical zero-day Java vulnerability discovered

    Another so soon? There was one last month! -.- Get it together chaps
    Also if we don't visit dodgey sites as a rule, we'll be fine?

  4. #4
    HEXUS.social member Agent's Avatar
    Join Date
    Jul 2003
    Location
    Internet
    Posts
    19,185
    Thanks
    739
    Thanked
    1,614 times in 1,050 posts

    Re: News - Critical zero-day Java vulnerability discovered

    We should have a news article when there isn't a daily Java exploit. Feels like it needs patching every day.
    Quote Originally Posted by Saracen View Post
    And by trying to force me to like small pants, they've alienated me.

  5. #5
    Not a good person scaryjim's Avatar
    Join Date
    Jan 2009
    Location
    Gateshead
    Posts
    15,196
    Thanks
    1,231
    Thanked
    2,291 times in 1,874 posts
    • scaryjim's system
      • Motherboard:
      • Dell Inspiron
      • CPU:
      • Core i5 8250U
      • Memory:
      • 2x 4GB DDR4 2666
      • Storage:
      • 128GB M.2 SSD + 1TB HDD
      • Graphics card(s):
      • Radeon R5 230
      • PSU:
      • Battery/Dell brick
      • Case:
      • Dell Inspiron 5570
      • Operating System:
      • Windows 10
      • Monitor(s):
      • 15" 1080p laptop panel

    Re: News - Critical zero-day Java vulnerability discovered

    Feels like it tries to update every day as well

    AFAICT from the story you need to run a maliciously crafted java application (I don't think there are applets any more, since that part of the api got deprecated when I was learning java in 2005!) to be vulnerable, so as long as you've got sensible restrictions in place about what websites can run java and the sites you use are reasonably secure you should be alright. Not great though.

  6. #6
    Senior Member
    Join Date
    Jul 2004
    Location
    London
    Posts
    2,456
    Thanks
    100
    Thanked
    75 times in 51 posts
    • Mblaster's system
      • Motherboard:
      • ASUS PK5 Premium
      • CPU:
      • Intel i5 2500K
      • Memory:
      • 8gb DDR3
      • Storage:
      • Intel X25 SSD + WD 2TB HDD
      • Graphics card(s):
      • Nvidia GeForce GTX 570
      • PSU:
      • Corsair HX520
      • Case:
      • Antec P180
      • Operating System:
      • Windows 7 Professional x64
      • Monitor(s):
      • HP w2207 (22" wide)
      • Internet:
      • Rubbish ADSL

    Re: News - Critical zero-day Java vulnerability discovered

    Quote Originally Posted by scaryjim View Post
    Feels like it tries to update every day as well

    AFAICT from the story you need to run a maliciously crafted java application (I don't think there are applets any more, since that part of the api got deprecated when I was learning java in 2005!) to be vulnerable, so as long as you've got sensible restrictions in place about what websites can run java and the sites you use are reasonably secure you should be alright. Not great though.
    Java applets are not deprecated still in the API and supported by all the browsers, although they are rarely actually used these days.

    docs.oracle.com/javase/7/docs/api/java/applet/Applet.html

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •