Java Compromised - Feds saying disable - New Version

[Drake]

There was a USA Federal warning on Java over the weekend. Then a new Java version 7 update 11.
Download Free Java Software

Now the feds are still saying it is vulnerable.
Oracle says Java is fixed; feds maintain warning - SFGate

Normally I would not warn about these things but it seems pretty bad and if you have to travel in bad internet neighborhoods in your work be careful.

What are you guys doing? Java has always been a security hole but I have trouble keeping it off.

 

[ayzo]

Ruskies gonna Rusk

Everyone should disable java, it's one of the most attacked plugin/extension/platform in browsers and just isn't worth the risk. Everyone is freaking out over this particular exploit but there are many more unpublished and unpatched 0day exploits for java out there, some available for as little as $5k USD. If you really need to use java in the browser then run it through a virtual machine or a cheap $20 VPS.

 

[light_taurus]

This is a major plan to destroy java. As if it is the only way to break into the victim's computer.