sees_all1 Posted August 28, 2012 Share Posted August 28, 2012 If you're unsure the version of Java that you're running in Windows, open a command prompt and type "java -version" Wonder how this affects macs, since crApple writes their own jre. 99 dungeoneering achieved, thanks to everyone that celebrated with me! ♪♪ Don't interrupt me as I struggle to complete this thoughtHave some respect for someone more forgetful than yourself ♪♪♪♪ And I'm not doneAnd I won't be till my head falls off ♪♪ Link to comment Share on other sites More sharing options...
Syd Posted August 28, 2012 Share Posted August 28, 2012 I was tried to hack with something like this couple weeks back. Was chatting with a RS "friend" on Skype when she wanted to show her bank picture. The link seemed okay, but when I clicked to the link (picture host) it asked me to allow java on this site. Obviously I declined, cause why would I need java to look at a picture? Afterwards I tried clicking to "other pictures from this user" to end up in some free webhosting site. It's really easy to fall in for something like this, so you really have to be very careful what you click and what you allow. I obviously ran a PC scan soon afterwards, followed by changing passwords and such. Items are safe till to date. Link to comment Share on other sites More sharing options...
Riptide Mage Posted August 28, 2012 Share Posted August 28, 2012 If you're unsure the version of Java that you're running in Windows, open a command prompt and type "java -version" Wonder how this affects macs, since crApple writes their own jre. http://www.java.com/...d/installed.jsp is an easier way to check what version It fully affects java under any PC OS: Windows, OSX, Linux, and possibly even Android. The link seemed okay, but when I clicked to the link (picture host) it asked me to allow java on this site. Obviously I declined, cause why would I need java to look at a picture? This exploit bypasses the need to request user permission, the instant you clicked the link you would have been owned. You make it sound like running through a few level 87 monsters is hard which it really shouldn't be at your level. Link to comment Share on other sites More sharing options...
Randox Posted August 29, 2012 Share Posted August 29, 2012 So its like a drive-by attack, but no script wont block it. *shrugs* Fortunately I don't make a habbit of visiting even new sites, let alone dodge ones. I could also just revert by 3 versions until they decide to fix it. Link to comment Share on other sites More sharing options...
Riptide Mage Posted August 29, 2012 Share Posted August 29, 2012 NoScript absolutely would prevent it, as NoScript flat out doesn't allow Java to run at all. Reverting to 3 versions ago though..is pointless. The current version is Java 7 update 6, this affects all versions of Java 7. Reverting to Java 6 would only make you even more vulnerable to exploits that were patched with Java 7. You make it sound like running through a few level 87 monsters is hard which it really shouldn't be at your level. Link to comment Share on other sites More sharing options...
Makoto_the_Phoenix Posted August 29, 2012 Share Posted August 29, 2012 I wonder how I'll ever get any work done...we exclusively use Java. Oh wait, wrong version; shouldn't have to worry about this particular exploit... I also didn't see any mention of if OpenJDK 7 was affected. It may be worth looking into (a guess says it may be), but if it isn't, then it's a pretty good alternative to Oracle JVM. Linux User/Enthusiast | Full-Stack Software Engineer | Stack Overflow Member | GIMP User...Alright, the Elf City update lured me back to RS over a year ago. Link to comment Share on other sites More sharing options...
Randox Posted August 29, 2012 Share Posted August 29, 2012 When I said reverting 3 versions, I was looking at my version number. Java doesn't upgrade until I tell it to. And if java cant run without javascript telling it to run, then perfect. No change. Link to comment Share on other sites More sharing options...
Platinum_Myr Posted August 29, 2012 Share Posted August 29, 2012 When I said reverting 3 versions, I was looking at my version number. Java doesn't upgrade until I tell it to. And if java cant run without javascript telling it to run, then perfect. No change. Java and Javascript have (almost) nothing in common, besides the name, and the fact that they are both "programming" languages of a sort. The above poster mis-understood the no-script plugin/extension. NoScript prevents Javascript, and it *might* be able to prevent Java as well, not sure. But that is a different setting. Maxed since Sunday, January 9th, 2014Completionist since Wednesday, June 4th, 2014 Link to comment Share on other sites More sharing options...
Makoto_the_Phoenix Posted August 29, 2012 Share Posted August 29, 2012 When I said reverting 3 versions, I was looking at my version number. Java doesn't upgrade until I tell it to. And if java cant run without javascript telling it to run, then perfect. No change. Java and Javascript have (almost) nothing in common, besides the name, and the fact that they are both "programming" languages of a sort. The above poster mis-understood the no-script plugin/extension. NoScript prevents Javascript, and it *might* be able to prevent Java as well, not sure. But that is a different setting. Just to make it clear: "Java and Javascript are similar like Car and Carpet are similar." - Greg Hewgill If you want to be absolutely sure, disable the plugin. Linux User/Enthusiast | Full-Stack Software Engineer | Stack Overflow Member | GIMP User...Alright, the Elf City update lured me back to RS over a year ago. Link to comment Share on other sites More sharing options...
Alg Posted August 29, 2012 Share Posted August 29, 2012 The above poster mis-understood the no-script plugin/extension. NoScript prevents Javascript, and it *might* be able to prevent Java as well, not sure. But that is a different setting.I checked when it was first brought up yesterday, and it looks like there is an option to disable Java for untrusted sites. I painted some stuff and put it on tumblr Link to comment Share on other sites More sharing options...
Riptide Mage Posted August 29, 2012 Share Posted August 29, 2012 The above poster mis-understood the no-script plugin/extension. NoScript prevents Javascript, and it *might* be able to prevent Java as well, not sure. But that is a different setting.I checked when it was first brought up yesterday, and it looks like there is an option to disable Java for untrusted sites. Yup indeed, the first line on the noscript website: The NoScript Firefox extension provides extra protection for Firefox, Seamonkey and other mozilla-based browsers: this free, open source add-on allows JavaScript, Java, Flash and other plugins to be executed only by trusted web sites of your choice (e.g. your online bank). You make it sound like running through a few level 87 monsters is hard which it really shouldn't be at your level. Link to comment Share on other sites More sharing options...
ilovecuttingyews Posted August 31, 2012 Share Posted August 31, 2012 Oracle has released a new Java update that patched the security flaw. http://reviews.cnet.com/8301-13727_7-57503787-263/oracle-patches-java-7-vulnerability/ 1 Link to comment Share on other sites More sharing options...
Bohemian Rhapsody Posted August 31, 2012 Share Posted August 31, 2012 Thanks for sharing, man! Any Way The Wind Blows... Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now