JMH
Emeritus, Contributor
- Apr 2, 2012
- 7,197
Microsoft: Update Java or kill it
- Thread starter JMH
- Start date
Why are they focusing on java?
Java is far less exploited than flash...
Or would a security expert care to correct me?
Java is more widely used and is very easy to script maliciously. However, anyone with a PC updated in the last 5 years could fight off most the attacks.
@satrow, do you think they are doing this because of java's involvement in things like IE? While flash is stand alone?(for the most part)
Java is far less exploited than flash...
Or would a security expert care to correct me?
Java is more widely used and is very easy to script maliciously. However, anyone with a PC updated in the last 5 years could fight off most the attacks.
@satrow, do you think they are doing this because of java's involvement in things like IE? While flash is stand alone?(for the most part)
If (and I have tested this out) I hit the attack website with Firefox and the Java plugin disabled, nothing untoward happened, Process Explorer showed nothing new - in IE however, 2x new processes beginning with J* were triggered, by my reckoning, by Windows' file association - probably some hangover related to keeping enterprises happy when running ancient Java apps that the old MSJava used to run back in the W2K/XPSP1 era?
I didn't think to also test what would happen if I globally switched off Java via the control Panel. I don't recall the exact exe names that were triggered, and I was quite eager to get them shut down, even though I was confident about my security and all my software was fully updated.
FX also flagged up the Google Safe Browsing warning that I had to bypass to access the site - in IE, there was no such warning, SmartScreen only seems to look for phishing sites and 'rare' downloads, regardless of whether they're actually infected or not.
I didn't think to also test what would happen if I globally switched off Java via the control Panel. I don't recall the exact exe names that were triggered, and I was quite eager to get them shut down, even though I was confident about my security and all my software was fully updated.
FX also flagged up the Google Safe Browsing warning that I had to bypass to access the site - in IE, there was no such warning, SmartScreen only seems to look for phishing sites and 'rare' downloads, regardless of whether they're actually infected or not.
Has Sysnative Forums helped you? Please consider donating to help us support the site!