posted Sep 26, 2012, 2:13 AM by Leigh Williams
Another vulnerability has been discovered, affecting basically all major browsers, including Firefox and Chrome. So far the vulnerability has been tested on Windows 7 32-bit (fully patched), but researchers say it will work regardless of bus width or operating system. Yes, even Linux users are affected. The vulnerability is also present in Java 5, 6 and 7.

Basically, this exploit will allow an attacker to run code, launch applications, delete data, etc., as the logged-on user. So please, don't log on as a user with escalated privileges such as Administrator or root unless you have to. Logging on as a normal user won't prevent this attack or miraculously fix the vulnerability, but it can reduce the effects and spread should this Java vulnerability be exploited on your computer or servers.

If you can disable or remove Java from your system, consider doing it as soon as possible. I will even go as far as setting up a "Don't install Java if you don't need it" security policy. Take note of the words "security policy". Not "usage policy" or "software policy", because this is no longer about usage, and Java is no longer just a random piece of software. Three times in less than 6 months is a bit much.

