Thursday

Another Hot Java Mess

Oracle's Java and Adobe Flash seem to be the go-to methods used by the Bad Guys to gain access to your computer these days, and this time it's Java's turn. A new zero-day vulnerability is reportedly  being "massively exploited" in the wild. The basic idea is that you arrive at an (unknown to you) infected web site, the web site does it's magic using this latest vulnerability in your Java plug-in on your web browser and bingo - you have cooties. My understanding is it does not matter too much which browser you are using, if it has an active Java plugin (which they mostly do by default).  The only real solution for now is to disable or remove the Java plugin.
ArsTechnica


java

No comments :