Java vulnerabilities remain | ***Dave Does the Blog

Turned off at home. Poking our security group about it at work.

Reshared post from +Les Jenkins

That's not good. The patch they released apparently wasn't enough to close the hole.

Embedded Link

Critical Java vulnerabilities confirmed in latest version
Security researchers have confirmed that the latest version of Oracle’s Java software framework is vulnerable to Web hacks that allow attackers to install malware on end users’ computers.
“We have successfully confirmed that a complete Java security sandbox bypass can be still gained under the recent version of Java 7 Update 11 (JRE version 1.7.0_11-b21),” Adam Gowdiak, CEO of Poland-based Security Explorations, wrote in an advisory posted Friday…

Google+: View post on Google+

37 view(s)

One thought on “Java vulnerabilities remain”

The problem I have is that I actually do use it, all the time, for GoToMyPC.

Leave a Reply Cancel reply

Categories

***Dave Does the Mastodon

27 mins ago

I'm aghast at the #Trump proto-ban on #trans folk in the #military. Last time he lied about the costs. Now it's a more fundamental attack:

1. That #transgender stuff? Not true.

2. So trans troops are lying, not being "honorable, truthful and disciplined."

3. So requesting others respect their identity is asking folk to lie, thus not showing "humility and selflessness."

So trans folk must be kicked out, probably dishonorably, because they are, QED, evil, corrupting liars.

Jesus.

4 mins ago

#Trump issues EO stop federal support of any #gender #transitioning for those under age 19, and threatens federal litigation to prevent it, period. Any university, hospital, or medical group that gets any federal funding can and will be targeted here.

Why age 19 when age of consent / adulthood is 18? Because it sets a precedent for banning transition care all for adults, eventually.

Dark times for #trans folk and the friends and family who love them.

https://apnews.com/article/trump-transgender-transition-executive-order-301e4130233b411311978f66f455f1c4?taid=6799585821b2670001849c2b

6 hours ago

Having (a) exerted enough soft pressure to get a lot of companies to voluntarily drop their #DEI programs (or any semblance thereof), and (b) taken over the federal government and banned DEI there, the #GOP is now (c) threatening legal action against companies that have not complied with their demands to stop recognizing that historic and systemic #bias and #prejudice continue to interfere with their newly-sanctified worship of "merit."

Hope #Costco hangs in there.

https://www.reuters.com/sustainability/society-equity/republican-state-attorneys-pressure-costco-drop-diversity-policies-2025-01-28/

1 day ago

"'Commonsense': Mike Johnson in talks with #Trump to hold wildfire aid hostage for voter ID"

Because it is perfectly normal for the President to hold up federal aid addressing a massive disaster in order to extort political changes they want to see.

And self-proclaimed "Christian" Mike Johnson thinks that's a fine idea, because that's just What Jesus Would Do.

https://www.rawstory.com/wildfire-voter-id/

2 days ago

The #DearLeader will not be denied his coterie of lieutenants.

#Trump #cabinet #GOP #Republican #senate #SenateGOP

https://www.nbcnews.com/politics/donald-trump/white-house-republicans-trump-nominees-political-consequences-rcna189288

2 days ago

I am flushed with success, having successfully dealt with a major toilet clog. If the solution had been a snake, it would have bit me. But I should have predicted, once I took the plunge, that augury would point me in the right direction. :toilet:

2 days ago

Always fun to see how deeply some #Republicans are willing to brown-nose the #DearLeader #Trump.

#GOP #termlimits

https://ogles.house.gov/media/press-releases/rep-ogles-proposes-amending-22nd-amendment-allow-trump-serve-third-term

3 days ago

The guy who's made a career (and won elections) as a professional xenophobe wants a couple of other countries to take in a few million refugees, almost certainly permanently.

Or is it he just thinks all Arabs are alike, so why wouldn't Egypt and Jordan take in the population of Gaza so Israel can annex the land?

https://www.axios.com/2025/01/26/trump-gaza-palestinians-egypt-jordan

3 days ago

"L'etat c'est moi."

#Trump

https://www.cnn.com/2025/01/25/politics/trump-fires-inspectors-general/index.html

3 days ago

#Trump making noises about taking over #Greenland costs him (vs US reputation) nothing, makes him look like a Strong Amurrican to his #MAGA cohorts, and lets him show Putin and Xi that he belongs in their Big Boy Conquest Club.

And, he certainly thinks, maybe the pig will sing.

https://www.bbc.com/news/articles/crkezj07rzro

3 days ago

#Target becomes the latest corporate craven to eliminate its #DEI programs, "staying in step with the evolving external landscape."

OTOH, #Costco's just announced its shareholders roundly rejected a proposal to "review the risks of its DEI programs."

So ... another good reason for me to shop more at Costco than Target.

https://www.cnbc.com/2025/01/24/target-rolls-back-major-dei-initiatives.html

3 days ago

Not surprisingly, laws being passed to require #ageverification before accessing "porn" sites are very, very easily turned into censoring broad swathes of information that particular individuals, or parties, feel might be "harmful" to kids.

Consider things have been banned on t-shirts at schools. Now lock anything about that online behind an ID firewall.

#lgbtq #politics #protest #atheism #dissent #justice ... anything that has been branded "dangerous" for kids.

https://www.eff.org/deeplinks/2025/01/impact-age-verification-measures-goes-beyond-porn-sites

6 days ago

The City Council of #Tulsa, OK, has decided to swap out pre-meeting invocation #prayer for pre-meeting moments of silence, after an invocation prayer by a #pagan made many of them really, really uncomfortable, which got them wondering what non-Christians felt like when #Christian prayers were forced on them.

So, yay, Tulsa. At least for the moment.

https://www.wonkette.com/p/godless-libs-of-tulsa-ok-city-council

6 days ago

Seems to me that being condemned as "nasty" and "Radical Left hard line Trump hater" by #Trump himself is ... well, a pretty good endorsement of the target's virtue. cf. Matt. 5:11-12

Bravo to fellow Episcopalian Bp. #Budde for speaking truth to power.

https://www.theguardian.com/us-news/2025/jan/22/trump-bishop-mariann-edgar-budde

1 week ago

There are all sorts of reasons to think that a lot of #Trump's first-day executive orders are illegal and will be struck down by the courts.

Unfortunately, that requires (a) the courts to actually do so, all the way up to (presumably) #SCOTUS, and (b) him and/or his appointed lackeys to pay any attention to what the courts, vs the #DearLeader, say.

https://reason.com/volokh/2025/01/20/trumps-illegal-first-day-executive-actions/

Legal Lingo

The views expressed by me on this weblog are mine alone and do not necessarily reflect the views of my employer, my church, my party, my candidate, my community, my wife, my friends, or, on occasion, myself.

Views expressed by others are, well, theirs. I reserve the right to delete them, but it’s usually better to let the marketplace of ideas hold sway, even if some packages are long past their expiry date.

Stuff I link to? Sometimes it’s because I agree with it. Sometimes because I disagree with it, but want to point (mockingly, in some cases) to my sources regardless; I have a liberal arts background; I believe in citations. And linking to stuff is what the Internet is about.

Related

One thought on “Java vulnerabilities remain”

Leave a Reply Cancel reply