OT - But Important: Really Nasty Web Security Problem Found

http://www.theregister.co.uk/2012/08/27/disable_java_to_block_exploit /
If you are running Windows, check which browser you are running and TURN OFF JAVA. You can research how to do this for whatever browser (Microsoft Explorer, Google Chrome, or Firefox) you're using by Googling for instructions. If you do not know how to do this (you probably shouldn't be on the web at all), ask someone who does.
If you're using a Mac, you still turn off Java because the same thing can be used to attack Macs.
When you turn off Java it means that certain web sites will not work properly because they depend on it. If you are 100% certain the site is OK, then turn Java on just for that one site.
This will not go away until Java itself is upgraded.
--
----------------------------------------------------------------------------
Tim Daneliuk snipped-for-privacy@tundraware.com
  Click to see the full signature.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

no-script is your friend you'll be amazed how much sh*t runs on a page and what you can block http://noscript.net/
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
On 08/28/2012 07:26 PM, ChairMan wrote:

It's not clear whether noscript blocks both Java and JavaScript (not clear to ME - it's clear to others no doubt). This is a *Java* vulnerability. As a point of interest, Java has nothing whatsoever to do with JavaScript.
--
----------------------------------------------------------------------------
Tim Daneliuk snipped-for-privacy@tundraware.com
  Click to see the full signature.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

NoScript Firefox extension provides extra protection for Firefox, Seamonkey and other mozilla-based browsers: this free, open source add-on allows JavaScript, *Java*, Flash and other plugins to be executed only by trusted web sites of your choice (e.g. your online bank)
All I can tell you is that by using it I've had pages that won't load until i start allowing 1 item at a time YMMV
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
Tim Daneliuk wrote:

Which is one of the many reasons I run Linux.
Deb
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
On 08/29/2012 08:29 AM, Dr. Deb wrote:

Look more closely. The exploit applies to Linux as well. It's just that they have not (yet) seen a Linux payload.
--
-----------------------------------------------------------------------
Tim Daneliuk
  Click to see the full signature.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

HomeOwnersHub.com is a website for homeowners and building and maintenance pros. It is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.