Slashdot Mirror

← Back to Stories (view on slashdot.org)

Java Exploit Patched? Not So Fast

Posted by timothy on Friday August 31, 2012 @11:04AM from the few-beans-short dept.

PCM2 writes "The Register reports that Security Explorations' Adam Gowdiak says there is still an exploitable vulnerability in the Java SE 7 Update 7 that Oracle shipped as an emergency patch yesterday. 'As in the case of the earlier vulnerabilities, Gowdiak says, this flaw allows an attacker to bypass the Java security sandbox completely, making it possible to install malware or execute malicious code on affected systems.'"

1 of 87 comments (clear)

Min score:

Reason:

Sort:

Re:Arrrrrg by Nerdfest · 2012-08-31 11:45 · Score: 5, Informative

I may have this wrong, but isn't this exploit only possible if you have Java enabled in your browser, which you only need to run Java applets? When was the last time you saw a Java applet? Disable it. I'm surprised it's still enabled by default (I think it's actually disabled in Chrome).