java zero day threat

ibex666

Member
88 8
Any one have any thoughts on using java at the moment with the current advice to disable java, bearing in mind that most charting / trading software uses java?
 
M

member275544

0 0
Any one have any thoughts on using java at the moment with the current advice to disable java, bearing in mind that most charting / trading software uses java?

Hate Java but like you say..what can you do if everything runs on it?
 

trade_to_win

Newbie
3 1
Hi,

I work in IT Security so I can add some value here. Java 6 is now deprecated by Oracle. That means no more security patches or updates will be released. Java 7 update 15 is the latest and secure version so make sure you are running that.

However, the actual vulnerability or threat itself lies specifically in Java applets within the web browser. If you are using Java to launch native desktop applications you are ok and one way to prevent these attacks would be to remove java from the browser completely - unless you use java applets (which is rare these days) you do not need your browser to be able to run java.

So if you have removed java in your browser and still use java 6 then you are not in bad shape. If you do need java in the browser then update to java7 u 15 and you will be ok - for now :)

See this link on how to remove java from your browser, please note, java in the browser is different to running java on your desktop and are treated as separate entities.

https://krebsonsecurity.com/how-to-unplug-java-from-the-browser/

I am happy to answer more security related questions on this or other topics so fire away!

Thanks,

t2w

Any one have any thoughts on using java at the moment with the current advice to disable java, bearing in mind that most charting / trading software uses java?
 
  • Like
Reactions: WR1

trade_to_win

Newbie
3 1
Hi,

I work in IT Security so I can add some value here. Java 6 is now deprecated by Oracle. That means no more security patches or updates will be released. Java 7 update 15 is the latest and secure version so make sure you are running that.

However, the actual vulnerability or threat itself lies specifically in Java applets within the web browser. If you are using Java to launch native desktop applications you are ok and one way to prevent these attacks would be to remove java from the browser completely - unless you use java applets (which is rare these days) you do not need your browser to be able to run java.

So if you have removed java in your browser and still use java 6 then you are not in bad shape. If you do need java in the browser then update to java7 u 15 and you will be ok - for now :)

See this link on how to remove java from your browser, please note, java in the browser is different to running java on your desktop and are treated as separate entities.

https://krebsonsecurity.com/how-to-unplug-java-from-the-browser/

I am happy to answer more security related questions on this or other topics so fire away!

Thanks,

t2w


I spoke too soon, another 0day from Java has come out for the latest Java 7 u 15 release. So yeah - remove from your browser if you do not need it to be secure!

remember: removing from your browser is different to removing it from your system if you need it to run charting or desktop trading software in java!
 
 
AdBlock Detected

We get it, advertisements are annoying!

But it's thanks to our sponsors that access to Trade2Win remains free for all. By viewing our ads you help us pay our bills, so please support the site and disable your AdBlocker.

I've Disabled AdBlock