|Topic Review (Newest First)|
|02-05-2013 12:56 PM|
And there are frequent warnings about new threats routinely with all of them. Not being computer-savvy, and using these tools (which sadly are enabled by default) is something like being a boater and using propane in the galley--with no grasp of the safety issues and no concept of how dangerous "fire" can be.
Sooner or later, if you don't learn about it, you will get burned. Estimates are that 25% of all home computers are running zombie malware, the stuff that infects you and everyone you have in your email lists, because folks just don't understand. Web sites that rely on the stuff? A continual problem. You have to choose between managing the risk, and simply shunning those web sites.
|02-05-2013 06:42 AM|
More on JAVA vulnerabilities -- yesterday, Oracle released a critical Java update. This one fixes around 50 vulnerabilities. 44 of the 50+ vulnerabilities apply only to Java as it is used in browsers, but then again that's how we use it most often here in Sailnet, isn't it?
One nice thing they have done is set the default security setting to "high." This means Java will not execute an unsigned Java applet without first asking the user whether to run it or not. This should make writing exploits for future vulnerabilities much harder for the bad guys (and anyone else who tries too, of course).
If you haven't set your Java Virtual Machine (JVM) to update automatically, then now is the time to take care of it. You'll want to ensure you have installed through Java 7, update 13. Don't delay. This update is important enough that Oracle released it out of cycle rather than waiting two weeks to include it in the monthly scheduled updates. As for the browser plugins, I'm expecting them to follow suite shortly. Look to your particular browser's vendor for details.
|01-15-2013 02:34 AM|
Also, it is Java 7 version. If you haven't updated to it, don't worry.
|01-14-2013 02:22 PM|
Java's emergency patch over the weekend does not fully address the zero-day exploit. I would not trust Java yet. The real fix promises to be slow in coming.
You might be interested in what one of ZDNet's resident zero-day watchers has to say on the subject. It is really pretty disheartening.
|01-13-2013 10:38 PM|
Re: Java ****** Disabled -- What Happened?
Java has a patch for this.
U.S. Agency Warns of Java Software Problem - NYTimes.com
Here is the patch
Download Free Java Software
|01-13-2013 10:28 PM|
Ah-so, there may be a way back to happier times...
Like I said, I ain't the nerd I ought to be.
Many thanks, Faster!
|01-13-2013 10:24 PM|
Correct, Faster. Java is the issue until the various vendors involved issue patches.
|01-13-2013 10:23 PM|
|01-13-2013 10:11 PM|
OK, as far as computer skills go I'm pretty challenged...
After all the reporting over the last couple of days, the consensus in our household was to disable Java to play it safe. Mine was not the deciding vote
After doing so (disabling Java scripting in our browsers), a couple of bugs have become apparent.
- The pull-down menus no longer pull down -- instead a different set of options appear on the header bar. The "Quick Links" pull down had a "Today's Posts" option; I can't find it in the non-Java environment.
- While I can see the highlighted "Your Notifications: 1" alert, when I follow the link all I get is my PM inbox.
Short of re-enabling Java scripting, is there anything else I can do to get back the functionality that's gone dead?