L2J Server

Posted: **Thu Aug 30, 2012 4:57 pm**

There was discovered some java 7 security vulnerability which allows Remote Code Execution exploit i would suggest you to disable temporarily Java 7 plugin in your browser until oracle provide a patch.

Information: http://www.informationweek.com/security ... /240006535

Posted: **Thu Aug 30, 2012 8:21 pm**

the first time that I readed this, I was thinking the exploit works just having Java installed and nothing more.

but no... after read about this in other security websites, and the CVE-2012-4681, I can say that the exploit is not a exploit at all, is just a malware that use some Java 7 features, and require user intervention to install a plugin (applet) from a malicious website.

also the applet doesn't contain a digital signature, so the user will see a pop-up before trying to install it.

in short words you just need to be really unfriendly with computers in order to decide install it by yourself and manually something unknown, leaving your machine vulnerable to others xD

anyway, this is already fixed in Java SE 7u7, so just update

http://www.oracle.com/technetwork/java/ ... index.html

Posted: **Sat Sep 01, 2012 9:51 am**

http://arstechnica.com/security/2012/08 ... west-java/
More flaws and and arguably a much more serious bug in Update 7!
I'd think twice before updating.

Posted: **Wed Sep 26, 2012 7:14 pm**

Actually it end up worse now they found vuln since java 5

http://blogs.computerworld.com/malware- ... users-risk

Soo if u didn't disabled java plugin in your browser before now is the time to do it

Posted: **Wed Sep 26, 2012 7:58 pm**

Or switch to OpenJDK, maybe they don't have that bug or have fixed it.

Posted: **Wed Sep 26, 2012 8:01 pm**

OpenJDK have the same bug xD

anyway you just need to disable plugin from browser temporally (until Java update is released), not whole Java.

it probably will be fixed in next version of Java that will be released in Oct 16, I hope.

Posted: **Wed Sep 26, 2012 8:19 pm**

probably... I hope

Yeah...

Posted: **Tue Oct 16, 2012 9:22 pm**

issue is fixed in Java SE 7u9, released today (Oct 16)

Update Release Notes: http://www.oracle.com/technetwork/java/ ... 63279.html

Posted: **Sat Mar 02, 2013 1:28 pm**

And here we go again http://blog.fireeye.com/research/2013/0 ... day-2.html (Thanks lion)

Posted: **Sat Mar 02, 2013 2:16 pm**

UnAfraid wrote:And here we go again http://blog.fireeye.com/research/2013/0 ... day-2.html (Thanks lion)

Their fixes are starting to look like mine

Posted: **Sat Mar 02, 2013 3:46 pm**

Java plugin is turning as Flash Player xD

I guess Update 17 will come soon, probably during march, lol.

Posted: **Tue Mar 05, 2013 1:07 am**

issue fixed in Java 7 Update 17: http://www.oracle.com/technetwork/java/ ... index.html

Release Notes: http://www.oracle.com/technetwork/java/ ... 15289.html

Posted: **Wed Mar 06, 2013 2:07 am**

Interesting info

L2J Server

[SOLVED] Java 7 security vulnerabilities.

[SOLVED] Java 7 security vulnerabilities.

Re: Java 7 security vulnerabilities.

Re: Java 7 security vulnerabilities.

Re: Java 7 security vulnerabilities.

Re: Java 7 security vulnerabilities.

Re: Java 7 security vulnerabilities.

Re: Java 7 security vulnerabilities.

Re: Java 7 security vulnerabilities.

Re: [SOLVED] Java 7 security vulnerabilities.

Re: [SOLVED] Java 7 security vulnerabilities.

Re: [SOLVED] Java 7 security vulnerabilities.

Re: [SOLVED] Java 7 security vulnerabilities.

Re: [SOLVED] Java 7 security vulnerabilities.