Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Java security breach really that big of a deal?


  • Please log in to reply

#1
Jakob1406

Jakob1406

    Member

  • Member
  • PipPip
  • 48 posts
Hi,

There has been a big storm around the security of Java lately.
Several governments has advised the public to disable Java due to the recently discovered 0-day breach.

Should I really be that concerned?
The breach has been there since they "patched" it last one in October, and as I understand it hackers have known about it far longer than we have.
I kind of think the media is blowing this out of proportion (it wouldn't be the first time...).

Could someone with actual tech expertise give me some pointers, so that I don't have to rely on what the media is trying to sell me.

I'm sure a lot of people are asking the same questions, so a quick response would be much appreciated!

Jakob
  • 0

Advertisements


#2
Essexboy

Essexboy

    GeekU Moderator

  • GeekU Moderator
  • 69,964 posts
The bottom line is .. As Java is installed on so many systems then it is the biggest malware target out there.
Just two of the many items written about this Here and Here

Suffice it to say that unless you desperately need Java on your system then uninstall it

The curator of Blackhole, a miscreant who uses the nickname “Paunch,” announced yesterday on several Underweb forums that the Java zero-day was a “New Year’s Gift,” to customers who use his exploit kit. Paunch bragged that his was the first to include the powerful offensive weapon, but shortly afterwards the same announcement was made by the maker and seller of Nuclear Pack.

According to both crimeware authors, the vulnerability exists in all versions of Java 7, including the latest — Java 7 Update 10. This information could not be immediately verified, but if you have Java installed, it would be a very good idea to unplug Java from your browser, or uninstall this program entirely if you don’t need it. I will update this post as more information becomes available.

Krebs on Security
  • 0

#3
Jakob1406

Jakob1406

    Member

  • Topic Starter
  • Member
  • PipPip
  • 48 posts
Thank you for the quick response!

Sadly, I need it for now...
How would you rate this threat? Is it as bad as they say?
  • 0

#4
Essexboy

Essexboy

    GeekU Moderator

  • GeekU Moderator
  • 69,964 posts
Lets put it this way.. I do not have java on my system and I believe it to be real
  • 0

#5
Jakob1406

Jakob1406

    Member

  • Topic Starter
  • Member
  • PipPip
  • 48 posts
Well they've patched it for now. It'll be interesting to see how long it lasts this time...
Thank you for your advice!

Thread closed.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP