Go to a  "printer friendly" view of this message which allow an easy print Printer-friendly copy Go to the page which allows you to send this topic link and a message to a friend Email this topic to a friend
Forums Lobby MULTILINGUAL NIKONIANS English Café (Public) topic #86705
View in linear mode

Subject: "Security warning for Java" Previous topic | Next topic
jrp Administrator JRP is one of the co-founders, has in-depth knowledge in various areas. Awarded for his contributions for the Resources Charter MemberSun 20-Jan-13 04:39 PM
33940 posts Share on Facebook Share on Twitter Share on Linkedin    Click to send email to this author Click to send private message to this authorClick to view this author's profile
"Security warning for Java"
Sun 20-Jan-13 04:46 PM by jrp

San Pedro Garza García, MX
          

The US Department of Homeland Security issued a security warning for Java through their Computer Emergency Readiness Team (CERT) in a post on its Web site on Thursday evening.

Continuing fears and an escalation in warnings from security experts all over, state that hundreds of millions of business and consumer users are vulnerable to a serious flaw.

Hackers have discovered a weakness in Java 7 security that could allow the installation of malicious software and malware on machines that could increase the chance of identity theft, or the unauthorized participation in a botnet that could bring down networks or be used to carry out denial-of-service attacks against Web sites.

“This vulnerability is being attacked in the wild, and is reported to be incorporated into exploit kits. Exploit code for this vulnerability is also publicly available.” said CERT.

It is therefore highly advisable to uninstall or disable Java 7.

A security patch was released by Oracle back in August, that did not fully work, so users are not confident a new patch will fully work either.

Furthermore, although the most vulnerable machine OS is Windows, other platforms have also been confirmed as vulnerable.

Have a great time
JRP (Founder & Administrator. Nikonian at the north-eastern Mexican desert) Gallery, Brief Love Story, The Team
Join the Silver, Gold and Platinum members that help this happen; upgrade. Join your personal web site to the Nikonians WebRing
Make sure you check our workshops at The Nikonians Academy and the product catalog of the Photo Pro Shop

  

Alert Printer-friendly copy | Reply | Reply with quote | Top

Replies to this topic
Subject Author Message Date ID
Reply message RE: Security warning for Java
benveniste Moderator
20th Jan 2013
1
Reply message RE: Security warning for Java
Covey22 Moderator
20th Jan 2013
2
Reply message RE: Security warning for Java
coolmom42 Silver Member
20th Jan 2013
3
     Reply message RE: Security warning for Java
Ned_L Moderator
21st Jan 2013
4
          Reply message RE: Security warning for Java
ttoolan Silver Member
21st Jan 2013
5
Reply message RE: Security warning for Java
King Nothing Gold Member
22nd Jan 2013
6

benveniste Moderator Awarded for is high level skills in various areas, including Macro and Landscape Photography Nikonian since 25th Nov 2002Sun 20-Jan-13 08:43 PM
9348 posts Share on Facebook Share on Twitter Share on Linkedin    Click to send email to this author Click to send private message to this authorClick to view this author's profileClick to send message via AOL IM
#1. "RE: Security warning for Java"
In response to Reply # 0


Boston Area, US
          

It is therefore highly advisable to uninstall or disable Java 7.

The wording of the latest version of the advisory is is: "Unless it is absolutely necessary to run Java in web browsers, disable it as described below, even after updating to 7u11. This will help mitigate other Java vulnerabilities that may be discovered in the future."

Furthermore, although the most vulnerable machine OS is Windows, other platforms have also been confirmed as vulnerable.

Unfortunately, all platforms are equally vulnerable to this particular attack, since it allows execution of arbitrary Java instructions. However, Apple has blocked execution of the Java 7 plugin on OS-X for you; Windows and Linux users have to do it themselves. Last April's Mac Flashback worm spread through a very similar Java vulnerability.

Finally, to set to rest a bit of common confusion, Javascript and Java are two entirely different technologies. This particular security flaw is in Java, not Javascript.

AFAIK, the Nikonians site does not use client-side Java applets, but there's no way to prevent people from accidentally posting a link to an infected website.

"There is no real magic in photography, just the sloppy intersection of physics and art." — Kirk Tuck

  

Alert Printer-friendly copy | Reply | Reply with quote | Top

Covey22 Moderator Expert in various fields including aviation photography Awarded for his contributions to the Resources and The Nikonian eZine Charter MemberSun 20-Jan-13 10:36 PM
10427 posts Share on Facebook Share on Twitter Share on Linkedin    Click to send email to this author Click to send private message to this authorClick to view this author's profile
#2. "RE: Security warning for Java"
In response to Reply # 0


US
          

Some partial good news - most smart browser implementations have automatically disabled Java 7 plugins if they have the ability. Firefox 18 has this.

To check what version of Java you are running:

http://www.java.com/en/download/installed.jsp

"Toodle-loo from Covey22!"

-Armando
Nikonians Team
Nikonians News - Fresh Everyday!

The Covey Blog!

My Plan:

Get out of the car.
Get closer to the subject.
Pick the right mid-tone this time.

See My Nikonians Gallery

  

Alert Printer-friendly copy | Reply | Reply with quote | Top

    
coolmom42 Silver Member Awarded for her enthusiastic support of the community and exemplifying the Nikonian mission “Share, Learn and Inspire” Nikonian since 30th Nov 2011Sun 20-Jan-13 11:41 PM
2816 posts Share on Facebook Share on Twitter Share on Linkedin    Click to send email to this author Click to send private message to this authorClick to view this author's profile
#3. "RE: Security warning for Java"
In response to Reply # 2


McEwen, US
          

My Firefox 18.01 has disabled Java plug-ins.

I was having problems with some websites I use at work earlier this week; I wonder if it was because the Java plug-in was disabled on IE8. I don't use IE8 at home but am forced to use it at work, since some of our applications won't work with Firefox.

working on it in Middle TN
Nikon D3100

35 mm 1.8 Nikkor
18-55 mm Nikkor VR
55-200 mm Nikkor VR
55-300 mm Nikkor VR
150-500 mm Sigma OS
Feisol CT3471 & Markins M20 ballhead

Visit my Nikonians gallery.

Visit my Nikonians gallery.

  

Alert Printer-friendly copy | Reply | Reply with quote | Top

        
Ned_L Moderator Awarded for his in-depth knowledge in various areas, especially Travel Photography Charter MemberMon 21-Jan-13 05:02 PM
6398 posts Share on Facebook Share on Twitter Share on Linkedin    Click to send email to this author Click to send private message to this authorClick to view this author's profile
#4. "RE: Security warning for Java"
In response to Reply # 3


Philadelphia, US
          

There are definitely some websites that when Java is disabled, they won't work.

Ned
A Nikonians Team Member

-----------------------------
Visit my Travel Photography Blog and my Galleries.

  

Alert Printer-friendly copy | Reply | Reply with quote | Top

            
ttoolan Silver Member Nikonian since 29th Aug 2007Mon 21-Jan-13 07:36 PM
933 posts Share on Facebook Share on Twitter Share on Linkedin    Click to send email to this author Click to send private message to this authorClick to view this author's profile
#5. "RE: Security warning for Java"
In response to Reply # 4


Sacramento, US
          

My Chrome browser is set to ask if I want to allow Java to run. This seems to work. That way I can allow it to run if I trust the site.

Tom
D800E, D3, D200, D70, F6, F3/T, F2AS, FM2N


Visit my Nikonians gallery.


  

Alert Printer-friendly copy | Reply | Reply with quote | Top

King Nothing Gold Member Nikonian since 31st Dec 2011Tue 22-Jan-13 02:19 AM
110 posts Share on Facebook Share on Twitter Share on Linkedin    Click to send email to this author Click to send private message to this authorClick to view this author's profile
#6. "RE: Security warning for Java"
In response to Reply # 0


Cranbrook, CA
          

Thanks for warning us but this is par for the course with Java. As soon as one zero day is patched another is exploited and it's been like that for probably ten years now. Same with Adobe flash. It's why I don't install either one of them on my computer except under strictly controlled circumstances.

Visit my Nikonians gallery.

  

Alert Printer-friendly copy | Reply | Reply with quote | Top

Forums Lobby MULTILINGUAL NIKONIANS English Café (Public) topic #86705 Previous topic | Next topic


Take the Nikonians Tour and learn more about being a Nikonian Wiki /FAQ /Help Listen to our MP3 photography radio channels Find anything on Nikon and imaging technology - fast!

Copyright © Nikonians 2000, 2014
All Rights Reserved

Nikonians®, NikoScope® and NikoniansAcademy™ are trademarks owned by Nikonians.org.
Nikon®, Nikonos® and Nikkor® are registered trademarks of Nikon Corporation.