yunyin:

deepchrome:

pibird:

It’s annoying, but it’s best to disable your Java Plugins for the time being.

More info on how to do that: http://bit.ly/O04uQ0

Props to my Facebook friends for the info on how to do it. They pretty much rock.

I checked in my Firefox, and one was already disabled, and I just turned off the other Java plugin. While neither were exactly named the one mentioned in the linked article, better safe than sorry.

Thanks for the heads up. :)

This is kind of a pain, as tumblr is affected by it as well, but again, better safe than sorry.

Java is probably running on your browser right now. A quick explanation about a Zero-Day attack is that hackers will attempt to exploit a newly found vulnerability, and attack while the developers have not managed to fix it. And with Java, that can be months until Oracle System’s next update.

Malware installing exploits are among the worst things the internet can throw at you, and a malicious keylogger on your system makes your computer your own worst enemy. So I’m not going to take this threat lightly. But I am opting to go with a half way solution so I can visit the one or two trusted sites that require Java.

“If you primarily use Java because some Web site, or program you have on your system — such as OpenOffice or Freemind — requires it, you can still dramatically reduce the risk from Java attacks just by disabling the plugin in your Web browser. In this case, I  would suggest a two-browser approach. If you normally browse the Web with Firefox, for example, consider disabling the Java plugin in Firefox, and then using an alternative browser (Chrome, IE9, Safari, etc.) with Java enabled to browse only the site that requires it.”

This might seem like a hassle but keeping your computer safe, and browsing smart, is as much of a personal responsibility as knowing how to stay safe on the street. I changed the title from the original blog post here to something a bit more serious.

More reading can be done on these sites.

http://reviews.cnet.com/8301-13727_7-57501517-263/new-java-7-exploit-can-potentially-affect-macs/

http://krebsonsecurity.com/2012/08/attackers-pounce-on-zero-day-java-exploit/

http://www.computerworld.com/s/article/9230656/Macs_at_risk_from_super_dangerous_Java_zero_day

http://in.reuters.com/article/2012/08/27/us-cybersecurity-java-idINBRE87Q18820120827

No time to be cute, this is serious business.

(via yunyin)