Windows 8 and 8.1 Forums

Critical Java zero-day bug is being “massively exploited"

  1. #11

    Posts : 716
    Windows 7 Ult Reatil & Win 8 Pro OEM

    The Australian Tax Office Business Portal for lodging quarterly BAS and annual tax returns online cannot be used without Java to run the AusKey security log on. Right now the portal is undergoing maintenance, so I hope that includes the patch.

      My System SpecsSystem Spec

  2. #12

    Posts : 149
    Windows 8.1 Pro 64-Bit, Ubuntu 13.04 64-Bit

    Is having java installed, period, make you vulnerable? Or can I just disable the browser plugin without completely destroying my Minecraft?

    Or is this one of those things 'just being connected to the internet you will get it if your IP gets sniffed out regardless of what you do'?
      My System SpecsSystem Spec

  3. #13

    I haven't read the details of the nature of the exploit so I can't answer your question, but I'll try to get some answers...
      My System SpecsSystem Spec

  4. #14

    Bay Area
    Posts : 21,406
    Windows 7 Home Premium x64

    I believe if you disable Java in the browser, you can't play Minecraft normally. I believe you can play Minecraft with no internet connection, but with many limitations (I have never played ). Have a look here:

    Minecraft Portable! For Computers Without Java

    A Guy
      My System SpecsSystem Spec

  5. #15

    Bay Area
    Posts : 21,406
    Windows 7 Home Premium x64

    Critical Java vulnerability made possible by earlier incomplete patch

    The critical Java vulnerability that is currently under attack was made possible by an incomplete patch Oracle developers issued last year to fix an earlier security bug, a researcher said.

    The revelation, made Friday by Adam Gowdiak of Poland-based Security Explorations, is the latest black eye for Oracle's Java software framework which is installed on more than 1 billion PCs, smartphones, and other devices. Last year saw a steady stream of attacks that exploited Java vulnerabilities, allowing miscreants to surreptitiously install keyloggers and other malicious software when unwitting people browsed compromised websites. The abuse has already continued into 2013, when on Thursday researchers reported yet another critical bug that is being "massively exploited in the wild".
    Update: Asked for comment on Gowdiak's comments, an Oracle spokeswoman e-mailed the following statement: "Oracle is aware of a flaw in Java software integrated with web browsers. The flaw is limited to JDK7. It does not exist in other releases of Java, and does not affect Java applications directly installed and running on servers, desktops, laptops, and other devices. A fix will be available shortly."

    A Guy
      My System SpecsSystem Spec

  6. #16

    Posts : 149
    Windows 8.1 Pro 64-Bit, Ubuntu 13.04 64-Bit

    Sounds like it doesn't affect anything but web browsing. Therefore I will simply leave the java plugin disabled in Firefox and it shouldn't have anything to do with Minecraft gaming (as I use the downloaded client to play, not the browser version).
      My System SpecsSystem Spec

  7. #17

    Posts : 62
    Windows 8.1 Pro x64
      My System SpecsSystem Spec

  8. #18

    Arnhem, The Netherlands
    Posts : 1,412
    Windows 8.1 Pro x64 Media Center Edition

    Quote Originally Posted by kpo6969 View Post
    Thanx for the info!
      My System SpecsSystem Spec

  9. #19

    Orbiting the Moon
    Posts : 2,972
    Windows 10 x64

    I never install java.
    I use it locally, when needed by manually linking to the jre (java runtime environment) folder...
    That's what the portable versions do: they have a local jre otherwise they don't work. It's just that you don't need to install java.
    Every java program, for instance Minecraft has it's jre and only that paticular program will use java, no browsers nothing else.
    But if Minecraft needs and has internet connection then again you are exposed to the exploit.

    For example if I use Eclipse IDE for developing in Java, I give a jre folder in the Eclipse folder... and only Eclipse has Java, the PC not.

    If you install Java, the jar's and applets (in browsers) will run just like exe's on your pc and that's the dangerous part.
    By not installing, only what I want to run (gets its own jre) will run, the rest not.

    The local jre method is a bit safer.
    But with any method, even the portable one, you'll never be safe online as long as exploits exist.

    In the end everyone has its own method: by installing, not installing or not using at all.
      My System SpecsSystem Spec

  10. #20

      My System SpecsSystem Spec

Page 2 of 6 FirstFirst 1234 ... LastLast
Critical Java zero-day bug is being “massively exploited"

Similar Threads
Thread Forum
"Loading files ..." -> "Windows Boot Manager" -> "OneKey"
Hi all, So I'm kind of stuck.. I currently have the problem where I am in an endless cycle of "loading files" -> "Windows Boot Manager" (see: How To Boot Into Safe Mode On Windows 8 (The Easy Way)). I have tried to load all of the options -- and none successfully load. I also end up at...
General Support
IE10 wants "Java Script" -- using Proxy for QE II jubilee celebrations
Hi there works fine on W7 but on W8 RP can't get the BBC stuff I want (crazy since it's actually on Brussels Cable TV anyway although not in the form I want to watch it). The open proxy is fine -- bypasses all the IP control stuff. Sky GO works through the same proxy so I'm surprised BBC...
Browsers & Mail
Disabling the left screen "Bump" or "quick switch"
So got windows 8 Dev installed so far so good, I thought I would like the left screen bump to go to last app or program used feature till I installed some games and tried to play them suddenly my left side of my screen is no good if needing to scroll to the side say in a game like Starcraft II,...
General Support
Is there a way to massively remove all pinned apps in Win 8 Start Menu
Hi guys. I've recently needed to disable Windows 8 Start Menu due to the reason for laziness and that I wouldn't go unpinning each program one by one, after I installed the Office suite and K-Lite Codec Pack, the start menu was flooded by all the programs! Any ideas? Thanks

Eight Forums Android App Eight Forums IOS App Follow us on Facebook