R
Roedy Green
Presumably will fix the 0-day exploit.
I will find out after I get it myself.
I will find out after I get it myself.
Presumably will fix the 0-day exploit.
I will find out after I get it myself.
the release notes are at
http://www.oracle.com/technetwork/java/javase/7u11-relnotes-1896856.html
As I read them the "fix" is just to turn off Applets entirely, by
default -- hardly a fix. Perhaps one of the group's language lawyers
could see if I interpreted that correctly.
[...]
<quote>
This release contains fixes for security vulnerabilities. For more
information, see Oracle Security Alert for CVE-2013-0422.
[...]
<quote>
This release contains fixes for security vulnerabilities. For more
information, see Oracle Security Alert for CVE-2013-0422.
CERT's advice is
"Immunity has indicated that only the reflection
vulnerability has been fixed and that the JMX MBean
vulnerability remains. [...] Unless it is absolutely
necessary to run Java in web browsers, disable it as
described below, even after updating to 7u11. [...]"
--from <http://www.kb.cert.org/vuls/id/625617>
Write once, pwn anywhere ...
Want to reply to this thread or ask your own question?
You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.