Never log into important sites in Windows...

JavaScript is NOT Java. Two completely different things. This vulnerability seems to be present in an old version of JRE (although they don't seem to give details on what version).

Yes, and is JRE part of Java or javascript as used by web browsers?
As if it is part of Java then 90% of users will be unaffected by this bug, as they don't have Java installed on their PCs in the first place.
 
Yes, and is JRE part of Java or javascript as used by web browsers?
As if it is part of Java then 90% of users will be unaffected by this bug, as they don't have Java installed on their PCs in the first place.

Some sites use Java web apps, but most do not. That doesn't mean that they won't have Java Runtime Environment installed though.
 
This is why MS should allow a select few publishers have programs linked to Windows update.

Adobe & Sun should be allowed to update Flash and Java through Windows update (hosted on their own servers and not Microsoft servers)
 
Yes, and is JRE part of Java or javascript as used by web browsers?
As if it is part of Java then 90% of users will be unaffected by this bug, as they don't have Java installed on their PCs in the first place.

JRE is the Java Runtime Environment. It's nothing to do with JavaScript.
 
Some sites use Java web apps, but most do not. That doesn't mean that they won't have Java Runtime Environment installed though.

A standard windows installation won't have JRE will it? There is no java in windows, there was a massive court case about it iirc.
So the only way folks will have java is if they installed it?

They opened this vulnerability themselves but installing something and not keeping it up to date.
 
i think you'll find it's bundled on a lot of OEM machines. people who install windows themselves are a tiny fraction of the actual number of windows pcs in use.

Why would they bundle it?
I guess I simply don't use the areas of the web which require it.
I've had one cause to use it, for 1 hour on a work machine where a collect call from the US was taking control of my PC for the purpose of a survey and form filling exercise.
I uninstalled it after as it had reported security issues back then also.
 
Why would they bundle it?

you'll have to ask them that. :p

loads of OEM stuff comes with adobe flash, adobe reader, java, quicktime, etc installed. i guess it reduces support calls related to errors people get when browsing sites that require it.

FWIW, i do have it installed. i have some very useful .jar applications on my machine that need it to run. apart from my ISP (BE), i can't remember the last time i browsed a website that uses it.
 
I don't have Java installed. It's a security risk that I'm not ready to put up with, considering how few websites make decent use of it. The only things it seems to be used for on the web are browser-based IRC clients, hardware detection applets and those nasty rollover buttons on sites straight out of 1997.

Has absolutely nothing to do with Windows, BTW. You need to keep third-party plugins up to date, whichever OS you use.
 
Last edited:
This is why MS should allow a select few publishers have programs linked to Windows update.

Adobe & Sun should be allowed to update Flash and Java through Windows update (hosted on their own servers and not Microsoft servers)

Was about the post the same thing!
 
Who even has the JRE these days? Can't believe someone wasted their time creating an applet that only 1% of home pc's are vulnerable to, lol.
 
Back
Top Bottom