Java Vulnerability on the loose, recommendation to disable Java

[Vodsel]

It might not last much if Oracle works on it... prevention is easy but annoying (it will shut down scripts we use here).

A Java security problem has been reported by CERT, you can read about it in this article in The Next Web, New Java Vulnerability is being exploited in the wild - Disabling Java is currently your only option.

More background on the vulnerability can be found here:

Solution
We are currently unaware of a practical solution to this problem. Please consider the following workarounds:

Disable Java in web browsers

Starting with Java 7 Update 10, it is possible to disable Java content in web browsers through the Java control panel applet. Please see the Java documentation for more details.
Note: Due to what appears to potentially be a bug in the Java installer, the Java Control Panel applet may be missing on some Windows systems. In such cases, the Java Control Panel applet may be launched by finding and executing javacpl.exe manually. This file is likely to be found in C:\Program Files\Java\jre7\bin or C:\Program Files (x86)\Java\jre7\bin.
Also note that we have encountered situations where Java will crash if it has been disabled in the web browser as described above and then subsequently re-enabled. Reinstalling Java appears to correct this situation.

 

[The Traveler]

Yup, the so manyth serious vulnerability with Java in a short time. I have the feeling it all got much worse since Oracle took over Sun. Also the fact that they let these leaks life for so lang shows me how low a priority Oracle puts on Java.

I have disabled my Java client a long time ago and I don't dare to switch it on again, for me the Java journey is over.


Kind regards,

The Traveler

 

[Macre]

Oh boy, more lazy patching? Ransomware distributors will be pleased :thumb_dow

Peace

Macre