Alg Posted January 12, 2013 Share Posted January 12, 2013 I joke, but... "End Of RuneScape", perhaps? Wouldn't be surprised if someone finally managed to end Jagex's game somewhat. :twss:It was fixed withing 10-20 minutes or so, and pretty much just affected the login server. I painted some stuff and put it on tumblr Link to comment Share on other sites More sharing options...
D. V. Devnull Posted January 12, 2013 Share Posted January 12, 2013 I joke, but... "End Of RuneScape", perhaps? Wouldn't be surprised if someone finally managed to end Jagex's game somewhat. :twss: It was fixed withing 10-20 minutes or so, and pretty much just affected the login server.Awwwwwwwwwwwww... Would have been fun to see RuneScape dead... :sad: ~D. V. "I'm bummed out..." Devnull and normally with a cool mind.(Warning: This user can be VERY confusing to some people... And talks in 3rd person for the timebeing due to how insane they are... Sometimes even to themself.) Link to comment Share on other sites More sharing options...
Sylpheed Posted January 12, 2013 Share Posted January 12, 2013 I joke, but... "End Of RuneScape", perhaps? Wouldn't be surprised if someone finally managed to end Jagex's game somewhat. :twss: It was fixed withing 10-20 minutes or so, and pretty much just affected the login server.Awwwwwwwwwwwww... Would have been fun to see RuneScape dead... :sad: ~D. V. "I'm bummed out..." Devnull Sorry, why are you still here again? 11 Link to comment Share on other sites More sharing options...
Sbrideau Posted January 12, 2013 Share Posted January 12, 2013 So... Does this affect Java 6-series? :huh: If not, I would say everyone should downgrade to the Latest Java 6 Update. It just seems to me that all the latest exploits only affect the Java 7-series platform. So it might be equally logical that if people stop using it and use the Latest Java 6-series until the bugs are fixed right, then we'll get a better Java 7-series for all. Geez, talk about newer not always being better. :-k On less serious notes...<<<Image: http://i.imgur.com/zDOM7.png>>> Don't worry, Jagex already fixed it!I joke, but... "End Of RuneScape", perhaps? Wouldn't be surprised if someone finally managed to end Jagex's game somewhat. :twss: ~D. V. "I don't think RS is even fully Java 7-series Compatible yet." Devnull They only talk about the latest platform because it's the current one. Usually with Java if there's an exploit with the current version you can be sure there are exploits with the old versions. There's a reason it's updated so often, they find exploits in it every week. If you go on trusted websites such as Runescape, there are not risks to security. Link to comment Share on other sites More sharing options...
Piu Posted January 12, 2013 Share Posted January 12, 2013 This sounds like a Java drive-by. And those have existed ever since who-knows-when. [hide][hide][hide][hide][hide][hide][hide][hide][hide][hide][hide][hide][hide][hide][hide][hide][hide][hide][hide][hide][hide][hide][hide][hide][hide][hide][hide][hide][hide][hide]Never gonna give you up.[/hide][/hide][/hide][/hide][/hide][/hide][/hide][/hide][/hide][/hide][/hide][/hide][/hide][/hide][/hide][/hide][/hide][/hide][/hide][/hide][/hide][/hide][/hide][/hide][/hide][/hide][/hide][/hide][/hide][/hide]"We don't want players to be able to buy their way to success in RuneScape. If we let players start doing this, it devalues RuneScape for others. We feel your status in real-life shouldn't affect your ability to be successful in RuneScape" Jagex 01/04/01 - 02/03/12 Link to comment Share on other sites More sharing options...
strilmus Posted January 12, 2013 Share Posted January 12, 2013 Firefox is now just blocking every instance of Java by default. They better fix this damn thing soon.... Link to comment Share on other sites More sharing options...
Randox Posted January 12, 2013 Share Posted January 12, 2013 I'd love a bit more detail on what the exact extent of the weakness is, but yeah, nice catch misplacedme, thanks (I'm going to guess that when they start recommending to outright uninstall Java, it's probably a flaw large enough to sail a ship through). Also, a java drive by uses Java Script, though I believe you need a scripting language (normally Java Script) to run Java in a browser (please correct me if I'm wrong), so blocking scripting languages might still protect you. I would also imagine that Java is in a better position to get something onto your computer and getting it to run without raising an alarm. I'd also be interested in the potential against phones in particular. Link to comment Share on other sites More sharing options...
strilmus Posted January 12, 2013 Share Posted January 12, 2013 yep, noscript should stop most badness by default, although figuring out which things to filter and which to keep is sort of a crapshoot without a cheatsheet Link to comment Share on other sites More sharing options...
wormy Posted January 13, 2013 Share Posted January 13, 2013 I go with: if I try to click something and it does not work, temp allow something. Link to comment Share on other sites More sharing options...
Makoto_the_Phoenix Posted January 13, 2013 Share Posted January 13, 2013 I'd love a bit more detail on what the exact extent of the weakness is, but yeah, nice catch misplacedme, thanks (I'm going to guess that when they start recommending to outright uninstall Java, it's probably a flaw large enough to sail a ship through). Also, a java drive by uses Java Script, though I believe you need a scripting language (normally Java Script) to run Java in a browser (please correct me if I'm wrong), so blocking scripting languages might still protect you. I would also imagine that Java is in a better position to get something onto your computer and getting it to run without raising an alarm. I'd also be interested in the potential against phones in particular. For the time being, it looks like it only affects the browser plugin (see http://www.kb.cert.org/vuls/id/625617). Also, there's no involvement of Javascript here - unless that's the delivery path of choice for these attackers. Disabling Javascript may help, but it won't make you 100% safe from this. The only real way to be secure is to remove Java, full stop. Linux User/Enthusiast | Full-Stack Software Engineer | Stack Overflow Member | GIMP User...Alright, the Elf City update lured me back to RS over a year ago. Link to comment Share on other sites More sharing options...
Pirkka Posted January 13, 2013 Share Posted January 13, 2013 Java 7.11 released, which fixes this exploit. http://java.com/en/download/manual.jsp 40,919th person to access Turmoil. 21,559th person to access Overloads. Are there any hidden bonuses here? No bonuses Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now