java zero day threat

ibex666

ibex666

Member
Messages
88
Likes
8
Any one have any thoughts on using java at the moment with the current advice to disable java, bearing in mind that most charting / trading software uses java?
 
ibex666 said:
Any one have any thoughts on using java at the moment with the current advice to disable java, bearing in mind that most charting / trading software uses java?
Click to expand...

Hate Java but like you say..what can you do if everything runs on it?
 
Hi,

I work in IT Security so I can add some value here. Java 6 is now deprecated by Oracle. That means no more security patches or updates will be released. Java 7 update 15 is the latest and secure version so make sure you are running that.

However, the actual vulnerability or threat itself lies specifically in Java applets within the web browser. If you are using Java to launch native desktop applications you are ok and one way to prevent these attacks would be to remove java from the browser completely - unless you use java applets (which is rare these days) you do not need your browser to be able to run java.

So if you have removed java in your browser and still use java 6 then you are not in bad shape. If you do need java in the browser then update to java7 u 15 and you will be ok - for now :)

See this link on how to remove java from your browser, please note, java in the browser is different to running java on your desktop and are treated as separate entities.

https://krebsonsecurity.com/how-to-unplug-java-from-the-browser/

I am happy to answer more security related questions on this or other topics so fire away!

Thanks,

t2w

ibex666 said:
Any one have any thoughts on using java at the moment with the current advice to disable java, bearing in mind that most charting / trading software uses java?
Click to expand...
 
  • Like
Reactions: WR1
trade_to_win said:
Hi,

I work in IT Security so I can add some value here. Java 6 is now deprecated by Oracle. That means no more security patches or updates will be released. Java 7 update 15 is the latest and secure version so make sure you are running that.

However, the actual vulnerability or threat itself lies specifically in Java applets within the web browser. If you are using Java to launch native desktop applications you are ok and one way to prevent these attacks would be to remove java from the browser completely - unless you use java applets (which is rare these days) you do not need your browser to be able to run java.

So if you have removed java in your browser and still use java 6 then you are not in bad shape. If you do need java in the browser then update to java7 u 15 and you will be ok - for now :)

See this link on how to remove java from your browser, please note, java in the browser is different to running java on your desktop and are treated as separate entities.

https://krebsonsecurity.com/how-to-unplug-java-from-the-browser/

I am happy to answer more security related questions on this or other topics so fire away!

Thanks,

t2w
Click to expand...


I spoke too soon, another 0day from Java has come out for the latest Java 7 u 15 release. So yeah - remove from your browser if you do not need it to be secure!

remember: removing from your browser is different to removing it from your system if you need it to run charting or desktop trading software in java!
 
You must log in or register to reply here.

Similar threads

M
java problems
Replies
2
Views
2K
ae589
A
Z
Serious security vulnerability in Sun Java 1.4.2_05 and older
Replies
2
Views
5K
Buk
B
D
Integrating Matlab/Java/QuickFIX
Replies
3
Views
2K
alphadude
alphadude
JTrader
Java is a pain in the a**
Replies
11
Views
4K
shadowninja
shadowninja
S
Java Problem
Replies
4
Views
2K
oatman
O
Top