Author Topic: *Urgent* Java Security Hole - (CVE-2012-4681)  (Read 2360 times)

0 Members and 1 Guest are viewing this topic.

Offline Shadowwolf

*Urgent* Java Security Hole - (CVE-2012-4681)
« on: August 30, 2012, 07:15:35 PM »
Hey guys,

Make sure you update your machines with the latest revision of Java as of today.

https://www.java.com/en/download/manual.jsp

There is a critical security hole in Java prior to this update that allowed websites to basically do what they wanted on your machine merely by you visiting a website with a malicious applet. More details here: http://www.deependresearch.org/2012/08/java-7-vulnerability-analysis.html

I would also strongly suggest that if you are a user of Firefox, you update to either version 14 or higher which will allow you to turn on a feature that gives you the option to selectively enable plugins on websites as you see fit. This will help stop malicious code running in your browser.

Firefox 14+ Click-to-Play Howto:

[attachimg=1]

Open a new tab in Firefox and type "about:config". You will be prompted by a disclaimer that says "This might void your warranty", just click the "Ill Be Careful" button.

In the search box just below, type "plugins.click_to_play"

In the list below that you should see an entry, double-click on the entry to change it to "True" if it isnt already set to that.

Restart your browser.

You can also "whitelist" sites to autoload plugins with the option on the upper left of the address bar once the page loads.

[attachimg=2]



Google Chrome Click-to-Play Howto:

Open the Options menu in Chrome and select "Settings". At the bottom of the list select "Show Advanced Settings...".

[attachimg=3]

Under "Privacy" select the "Content Settings" button.

[attachimg=4]

Scroll down the list and select "Click to Play" under "Plugins"

[attachimg=5]



Unfortunately, Internet Explorer does not have a "Click to play" option at this time. You can manually enable or disable plugins but there is no option to turn them on per page visit as of yet.
Come to the darkside, we have cookies.
"A flute with no holes is not a flute, and a donut with no hole is a danish" - Chevy Chase as Ty Webb in Caddyshack
"Be who you are and say what you feel, because those who mind don't matter, and those who matter don't mind."- Dr. Suess