Disable Java NOW, Friends

[FloorGeneral]

*uses a mac*

http://www.macworld.com/article/116..._what_you_need_to_know.html#lsrc=twt_macworld

Why most Mac users aren’t at risk

All that said, there are two reasons why Macs are less at-risk than people on other platforms, despite being easy to exploit if the right conditions are in place.

The first, and most important, reason is that relatively few Macs are running the vulnerable version of Java. Any operating system running JRE 1.7 is affected, but the attack doesn’t work against JRE 1.6. That last one is the version that Mac users have installed (assuming they use Java at all).

The only way to update from Java 6 (1.6)—the last version supported by Apple—to Java 7 is by manually downloading and installing it from Oracle. And apparently few Mac users have done so: For example, according to a representative of Crashplan, the online backup service that uses Java for its client app, none of that company’s users (who must have Java installed) are using the vulnerable version.

The second reason you don’t have to worry, even if you do have Java 7 installed, is that Apple by default disabled Java applet support in Web browsers in its most recent Java security update. Starting with OS X 10.7 Lion, Java isn’t installed by default anyway. And even if you do turn on Java, OS X will turn it off again if you don’t use it for a while.

Many users do install Java for websites or applications (like Crashplan) that require it. But, again, even if you did install Java, the odds are very, very good that you aren’t running a vulnerable version.

 

[illadope]

This is one of the weakest 0 days Ive seen.

 

[FloorGeneral]

Java SE Downloads

Patch is out, go there^^ to download it

 

[Yapdatfool]

Damn, these plugins exploits are stupid.

Flash & Java need to be thrown in the bushes ASAP or step their security testing up.

 

[↓R↑LYB]

Damn, these plugins exploits are stupid.

Flash & Java need to be thrown in the bushes ASAP or step their security testing up.

Breh, every single piece of code goes through this.

 

[Racked Up]

How do you know which add ons have something to do with java?

anything that say anything about java....
u kno what to do

 

[concise]

Yall some scared hos, dont no one want your shieeeet

 

[illadope]

 

[Mountain]

How to Unplug Java from the Browser — Krebs on Security

Sht here tells you how to disable the Java on your browser properly, whether mac or windows. fukk Java.

Edit: Adobe can suck a dikk to.

 

[FloorGeneral]

Java 7 security -- New exploit found in Oracle's emergency patch

After an exploit in the latest Java 7 framework was discovered, Oracle (ORCL) responded with an emergency patch to fix the problem. The company’s quickness, however, may have opened the door to more vulnerabilities in the Java software. While the patch fixed the original exploit, it introduced a new vulnerability that allows an attacker to bypass the Java Virtual Machine sandbox. Researchers at Security Explorations discovered the exploit and have sent a proof of concept to Oracle, and they are currently waiting to hear back. The research firm has not released the code to the public, although it plans to write a technical paper on the issue once it has been patched. The latest exploit follows a string of vulnerabilities found in Java over the past year.

 

[#StarkSet]

java just got clapped quick

 

[the cool]

 

[2gunsup]

Updated the original post with new exploit. It's that time again.

 

[concise]

again?

 

[Liquid]

I'm on Ubuntu