Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Oracle Releases Patch to Address Security Vulnerability in Java 7
- Thread starter MacRumors
- Start date
- Sort by reaction score
You're using shortened URLs, I don't know why since you're hiding them with text. So I'm going to assume you're pointing to the Java plug-in. Java has a plug-in so that web browsers can run Java bytecode with the local JRE. Java itself is not a plug-in, it is a programming language, it is a runtime environnement and it is a framework. The plug-in is one part of the runtime environnement.
I was pointing to the plugin, and I'm not trying to hide anything. I thought people would just click on the links.
The reason I'm using shortened URLs is so that when I reply, it takes up less space in the text.
I know Java is a programming language. What I did is uninstall the JRE, thereby uninstalling the plugin. The only part of the JRE that I used was the plugin aspect of it. Since uninstalling the JRE, I said my browsing experience had not changed, since browsing would have been the only time I used the JRE.
I guess I should have said "I uninstalled the JRE, which I did not use and did not change any part of my day-to-day computer usage" to be more precise.
I make it a habbit of not clicking links in forum posts if I'm not sure where they lead to. If you're going to hide the link in the URL tag, there is no reason to use shortened ones. This could be misinterpreted as spam or malicious links and make it so people don't read your links.
I always check a link before clicking it. Shortened URLs prevents that.
I am an engineer at JBoss (Red Hat) by the way (my twitter account is @JBossMike) -- and I have no idea what you're talking about.
New patch already has another vulnerability: http://www.pcadvisor.co.uk/news/sec...rability-in-java-7-patch-hours-after-release/
Remove the browser plugin from /Library/Internet-Plugins
Remove the browser plugin from /Library/Internet-Plugins
Good, then nevermind, this isn't the first time people can't understand hypothetical future situations where the current reality doesn't apply, so I'll stop trying to jump into these conversations. It just leads to a big mess and thread derailment.
Yes. Even as a Java developer, I have always disabled the Java Plug-in. In fact, most Java developers I know consider Java Applets to be the biggest mistake of Java.
When people are bashing Java as being insecure, they're really bashing Java Applets that run through the Java plug-in, in the browser.
For instance, if you were to run Ruby or Python in the browser it would be FAR more insecure than running Java in a sandbox. But then again, we shouldn't be running Java in the browser to begin with.
As a general runtime, Java is basically one of the best out there. Apple's WebObjects runs on the JVM. The iTunes Music Store is server-side Java, etc.
I understand that people have a really hard time separating these things in their heads but the Java plug-in in your browser is not the same thing as JavaScript or even Java.
Java is a runtime. The browser plugin brings a sandboxed version of that runtime into the browser. As a long time Java developer I can tell you that Java applets are crapshoots, and you should probably delete the Java plug-in from your browser at this point. And that will protect you from all these future vulnerabilities.
You don't actually need to remove Java from your machine all-together to protect yourself. If the Java plug-in is removed from your browser, problem solved. But you're not exposing yourself by running Minecraft.
http://news.cnet.com/8301-1009_3-57504640-83/new-vulnerabilities-found-in-latest-java-update/
New vulnerabilities found in latest Java update
Following its latest updates, more vulnerabilities have been uncovered in Oracle's Java 7 runtime.
Only hours after Oracle released its latest Java 7 update to address active exploits, security researchers found yet another vulnerability that can be exploited to run arbitrary code on systems that have the runtime installed.
Oracle's latest release of its Java 7 runtime has come under scrutiny in the past few weeks after it was found being actively exploited in malware attacks that target Windows systems. While so far the vulnerability has only been found being used against Windows, other platforms such as the Mac OS could potentially be targeted through the same exploit.
New vulnerabilities found in latest Java update
Following its latest updates, more vulnerabilities have been uncovered in Oracle's Java 7 runtime.
Only hours after Oracle released its latest Java 7 update to address active exploits, security researchers found yet another vulnerability that can be exploited to run arbitrary code on systems that have the runtime installed.
Oracle's latest release of its Java 7 runtime has come under scrutiny in the past few weeks after it was found being actively exploited in malware attacks that target Windows systems. While so far the vulnerability has only been found being used against Windows, other platforms such as the Mac OS could potentially be targeted through the same exploit.
