Disable Java NOW, users told, as 0-day exploit hits web - Polidicks

I use Chrome and: [img]http://puu.sh/10dTo[/img] Am I safe? Even with it disabled?

I am not infected, I am not infected... better safe than sorry.

[QUOTE=Furnost;37463446]I use Chrome and: [img]http://puu.sh/10dTo[/img] Am I safe? Even with it disabled?[/QUOTE] If its disabled, you should be fine. Atleast from this exploit anyway.

Shit I just updated my parent's computer and they don't know how to disable shit

I disabled Java last year as I ran into some stability issues with it. Thank god. [quote=Java]Version 6.0.260.3 - Next Generation Java Plug-in 1.6.0_26 for Mozilla browsers Last Updated: Monday, 27 June 2011[/quote]

[QUOTE=JinkoMK;37465420]I disabled Java last year as I ran into some stability issues with it. Thank god.[/QUOTE] You're probably vunerable to more exploits like this, and many others.

i just knew this was going to be a mr t thread

So when will we know they've fixed it?

[QUOTE=Mike Tyson;37465476]You're probably vunerable to more exploits like this, and many others.[/QUOTE] This thread and my experiences tell me otherwise.

I'm sorry but without Java the internet is unbrowsable...

I'm confused, I disabled Java in Chrome as described in this thread but it seems most websites that should break from lack of Java, isn't. Chatboxes, menus and some other stuff still display fine, even though they ought to fail to load.

Firefox disabled Java automatically for me.

[QUOTE=Im Crimson;37466530]I'm confused, I disabled Java in Chrome as described in this thread but it seems most websites that should break from lack of Java, isn't. Chatboxes, menus and some other stuff still display fine, even though they ought to fail to load.[/QUOTE] Java != JavaScript

chrome is a botnet

I don't know how, but apparently I never installed it again after I switched to an SSD. [QUOTE=Mike Tyson;37465476]You're probably vunerable to more exploits like this, and many others.[/QUOTE] If it's disabled, he shouldn't be vulnerable to any normal Java exploits.

[QUOTE=JFF_;37468062]chrome is a botnet[/QUOTE] The discussion is too old now, and it was, not is, was. And yeah, Java exploits, it is not like you have never heard of them, have you?

Same for flash exploits or browser exploits. An exploit is an exploit, they always happen.

Firefox automatically disabled my v7 Java. Thank you Firefox, you are my greatest ally.

I can't take advantage of it :( [img]http://puu.sh/10nzt[/img] (:v:)

[QUOTE=Map in a box;37469712]I can't take advantage of it :( [img]http://puu.sh/10nzt[/img] (:v:)[/QUOTE] You might want to do a full scan of your computer regardless. That happened to me. Although MSE detected the exploit immidiately, I still managed to get a trojan and a bunch of spyware.

[QUOTE=Map in a box;37469712]I can't take advantage of it :( [IMG]http://puu.sh/10nzt[/IMG] (:v:)[/QUOTE] dong blocked [editline]~[/editline] to be more serious, are you sure that isn't a false positive? Google "Dong-B" or similar and see if there's results from a few months back or similar, or upload that exe to virustotal and see if there's anything that other antiviruses will scream about.

And it's fixed: [url]http://www.zdnet.com/oracle-issues-major-java-security-fix-recommends-immediate-action-7000003517/[/url] [quote=ZDNet]Oracle has just released an update that is intended to patch up three "distinct but related vulnerabilities" as well as another serious security issue regarding Java running on desktop browsers. More specifically, the security holes could be exploited over a network without needing a username and password if an unsuspecting user is running an affected release in a browser and then visits a malicious web page that leverages this vulnerability. The possible outcome is that the vulnerabilities could be used to exploit personal data and accessibility of the user's system overall. Oracle software security assurance director Eric Maurice explained in a blog post on Thursday that customers should apply the updates as soon as possible because many of the technical details related to the vulnerabilities are already widely available online. [quote]If successfully exploited, these vulnerabilities can provide a malicious attacker the ability to plant discretionary binaries onto the compromised system, e.g. the vulnerabilities can be exploited to install malware, including Trojans, onto the targeted system. Note that this malware may in some instances be detected by current antivirus signatures upon its installation.[/quote] But Oracle asserts that the security vulnerabilities are not applicable to standalone Java desktop applications, Java running on servers, or any Oracle server based software. However, there is a bit of a firestorm over the delay and quietness of Oracle's response to these issues. Some media outlets are pointing towards Polish security firm Security Explorations, which claimed that Oracle knew about these vulnerabilities for months. To some degree, Oracle acknowledges this was Maurice pointed out that Oracle has received external reports that these vulnerabilities are already being actively exploited in the wild. Despite brewing criticism towards the Java owner, the patches are available now, so don't delay in applying them if your system is at risk.[/quote]

[QUOTE=commandhat;37469985]dong blocked [editline]~[/editline] to be more serious, are you sure that isn't a false positive? Google "Dong-B" or similar and see if there's results from a few months back or similar, or upload that exe to virustotal and see if there's anything that other antiviruses will scream about.[/QUOTE] It's the recent exploit. I'd know, I just recreated it :V:

[QUOTE=Map in a box;37469712]I can't take advantage of it :( [img]http://puu.sh/10nzt[/img] (:v:)[/QUOTE] Yeah, it seems like this exploit only affects people who don't have an anti-virus. Why are those people still allowed to connect to the internet? Microsoft should create a "friendly virus" that automatically downloads MSE to infected computers.

So does this mean I can get viruses from random ads and youtube videos?

[QUOTE=Krinkels;37475193]So does this mean I can get viruses from random ads and youtube videos?[/QUOTE] No, those are Flash, not Java. And as long as you have a decent up-to-date antivirus, you won't get anything. Also, the patch has been released.

[QUOTE=ShaunOfTheLive;37475200]And as long as you have a decent up-to-date antivirus, you won't get anything.[/QUOTE] And Common Sense 2012.

Oh, shit, were the fuck I disable Java?

[QUOTE=CaioLugia;37475243]Oh, shit, were the fuck I disable Java?[/QUOTE] You don't need to disable it; it's been fixed. Just download [URL="http://java.com/en/download/index.jsp"]Update 7[/URL]

[QUOTE=Kaihong;37454338]Posted this on my facebook to warn my friends and other acquaintances. everyone calling me a fraud :/[/QUOTE] When they get affected just laugh in their face and don't bother saying 'told you so'.