Serious New Java Flaw Affects All Browsers 164
Trailrunner7 writes "There is a serious vulnerability in Java that makes all current browsers vulnerable to simple Web-based attacks that could lead to a complete compromise of the affected system. Two separate researchers released information on the vulnerability on Friday, saying that it has been present in Java for years. The problem lies in the Java Web Start framework, a technology that Sun Microsystems developed to enable the simplified deployment of Java applications. In essence, the JavaWS technology fails to validate parameters passed to it from the command line, and attackers can control those parameters using specific HTML tags on a Web page, researcher Ruben Santamarta said in an advisory posted Friday morning."
All browsers? (Score:5, Funny)
People have Java enabled in their browser? (Score:3, Funny)
Re:All browsers? (Score:2, Funny)
Perhaps, but if people have been getting bad java, they're going to need some ceramic parabolas right quick.
This is Javocalypse (Score:1, Funny)
Really. [cr0.org]
Re:Guess it's time to uncheck that box (Score:5, Funny)
Re:New? (Score:3, Funny)
[_] Enable computer power
The ultimately in security, I've done it!
I didn't see a "*($^#@$@^$&&&... NO CARRIER". I call shenanigans!
HURRY!!! (Score:2, Funny)
Both users of Java Web Start need to be contacted immediately!
Re:All browsers? (Score:4, Funny)
Re:Article Contents (Score:1, Funny)
After all any geek here at /. can get a system fully running and tweaked nicely in a couple of hours, how long would it take to replace that only copy of your vacation photos, or that only copy of your late grandmother's last Xmas here on earth?
Backups.
Wanna hear somehing amazing? If your root/admin account is safe you can store those on the same computer!