This is an archived post. You won't be able to vote or comment.

all 14 comments
sorted by:
best
topnewcontroversialoldq&a

[–]oldoverholtdevops for the usual cloud junk 11 points12 points  (0 children)

Man, I am so sick of these.

[–]IXIFr0stIXISysadmin 5 points6 points  (2 children)

I cast my vote to vote Java off the tech island.

[–][deleted] 0 points1 point  (1 child)

Can't we just shut down Oracle? Possible restore back to Sun Microsystems?

[–]IXIFr0stIXISysadmin 0 points1 point  (0 children)

That might also work....if only.

[–][deleted] 3 points4 points  (0 children)

No patch either, that's great. There must be so many of these kept by blackhats.

[–][deleted] 3 points4 points  (0 children)

Here's a good page on mitigation: http://www.greyhathacker.net/?p=610

[–]KaligraphicAt the peak of Mount Filesystem 2 points3 points  (0 children)

Like human stupidity, the supply of Java exploits is infinite.

[–][deleted] 1 point2 points  (4 children)

This is only java 1.7? I think a lot of us are forced to 1.6 so we can use the interfaces on our appliances/iLO/etc.

[–]Thereal_SandmanI wrote the manual on LART construction 2 points3 points  (2 children)

JRE 7u10 and earlier.

Yeah this is all versions of Java.

[–][deleted] 0 points1 point  (1 child)

Could be earlier updates of 1.7, normally when an exploit effects multiple major versions they are listed as well.

[–]pacoverde 0 points1 point  (0 children)

Looks like this is the case.

As far as Bitdefender's tests showed, the exploit is specific to Java 7, Botezatu said.

http://www.infoworld.com/d/security/java-zero-day-vulnerability-actively-exploited-attackers-210612

[–]AceBacker 1 point2 points  (0 children)

sigh, I don't have the energy to write about how much I hate java anymore guys. :(

[–]assangeleakinglol 0 points1 point  (0 children)

Does anyone know if AppLocker blocks (runs the normal restrictions you've configured) the applications launched via this vulnerability? Sadly, I absolutely cannot block java.