Oracle Rushes Emergency Java Update To Patch McRAT Vulnerabilities 165
msm1267 writes "Oracle has once again released an emergency Java update to patch zero-day vulnerabilities in the browser plug-in, the fifth time it has updated the platform this year. Today's update patches CVE-2013-1493 and CVE-2013-0809, the former was discovered last week being exploited in the wild for Java 6 update 41 through Java 7 update 15. The vulnerability allows for arbitrary memory execution in the Java virtual machine process; attackers exploiting the flaw were able to download the McRAT remote access Trojan."
Only one program I miss (Score:2, Insightful)
Open office won't work without Java. Maybe some day I'll be convinced that they have their stuff together again and I'll reinstall it.
even worse than the vulns (Score:5, Insightful)
The language is ok, but everything else about java just plain sucks.
Re:Only one program I miss (Score:5, Insightful)
Open office won't work without Java.
Sure it does. The only parts that really required Java were a couple of wizards and the RDBMS.
Re:Uninstall (Score:5, Insightful)
I mean it's no different than me going around, running executables from random websites and then blaming Microsoft for not doing more to secure their OS.
It's entirely different, the plugin is supposed to be sandboxed.
Re:Uninstall (Score:5, Insightful)
Re:Uninstall (Score:5, Insightful)
How to stop applets from running (Score:3, Insightful)
The Java Control Panel (in the Windows control panel) contains a checkbox under the Security Panel called "Enable Java content in the Browser". Uncheck this if you do not want applets to run. This selection stays persisted each time you update the JRE.
Once again,
Windows Control Panel->Java Control Panel->Security Panel. Make sure the "Enable Java content in the Browser" checkbox is unchecked.
Re:Warning: Oracle installs ask.com toolbar (Score:4, Insightful)