由买买提看人间百态

boards

本页内容为未名空间相应帖子的节选和存档,一周内的贴子最多显示50字,超过一周显示500字 访问原贴
Security版 - US-CERT warns users to disable Java in web browsers, Apple
相关主题
[转载] *Another* severe IE Security vulnerability foundHelp! I was hacked...
请问是不是有个专门网站提供各知名网站的漏洞?发现virus/vulnerability
Top security vendor looks for new talentsLooking for security researchers
how to enable IE add-ons?w32.spybot.worm
Open Position - Research Scientist at McAfee Inc. (转载)Mozilla Firefox Two Vulnerabilities
Know your enemy IIIAlternate Data Stream (ADS) of NTFS
ftpd vulnerabilitycsrss 频繁出对话框, 求助。
BugTraq是什么东西?最近的水很少哦
相关话题的讨论汇总
话题: java话题: apple话题: us话题: cert话题: security
进入Security版参与讨论
1 (共1页)
r****y
发帖数: 26819
1
【 以下文字转载自 Java 讨论区 】
发信人: rodney (√), 信区: Java
标 题: US-CERT warns users to disable Java in web browsers, Apple
发信站: BBS 未名空间站 (Sat Jan 12 16:12:04 2013, 美东)
http://www.engadget.com/2013/01/12/us-cert-java-security-warnin
It's far from the first time that computer users have been warned to disable
Java, but this latest security issue has risen to some high levels at a par
ticularly rapid pace. After first being reported by security researchers on
Thursday, the United States Computer Emergency Readiness Team (or US-CERT, a
part of the Homeland Security department) stepped in with a warning of its
own on Friday, which bluntly suggested that all computer users should disabl
e Java in their web browsers (for its part, Oracle says that a fix is coming
"shortly"). The flaw itself is a vulnerability in the Java Security Manager
, which an attacker could exploit to run code on a user's computer.
Not content to wait for a fix, some companies have already taken steps to bl
ock possible exploits. That includes Apple, which has added recent versions
of Java to its blacklist covering all OS X users, and Mozilla, which has ena
bled its "Click To Play" functionality in Firefox for all recent versions of
Java across all platforms (it was previously only enabled by default for ol
der versions of Java). Apple's move follows an earlier decision to remove th
e Java plug-in from browsers in OS X 10.7 and up last fall. You can find the
full alert issued by US-CERT and additional details on the vulnerability at
the links below.
1 (共1页)
进入Security版参与讨论
相关主题
最近的水很少哦Open Position - Research Scientist at McAfee Inc. (转载)
最近IE 老是自己跳窗口, 是不是中毒啦?Know your enemy III
内推上市公司Application Security Engineerftpd vulnerability
rkshBugTraq是什么东西?
[转载] *Another* severe IE Security vulnerability foundHelp! I was hacked...
请问是不是有个专门网站提供各知名网站的漏洞?发现virus/vulnerability
Top security vendor looks for new talentsLooking for security researchers
how to enable IE add-ons?w32.spybot.worm
相关话题的讨论汇总
话题: java话题: apple话题: us话题: cert话题: security