MozillaZine

Java Deployment Toolkit and Java Platform Should Be Disabled

User Help for Mozilla Firefox
tpaulr
 
Posts: 289
Joined: June 22nd, 2004, 8:01 am

Post Posted August 30th, 2012, 7:34 am

I upgraded to FF15 yesterday and always run the plug-in check right after an upgrade just to make sure.

I got 2 big red "disable" warnings from the plug-in checker:

.Java Deployment Toolkit 7.0.50.255
.Java(TM) Platform SE 7 U5

They both say to disable, vulnerable and no fix...

What is the issue and how will this affect Firefox?

I have never run into this before...

Thanks for the help.

LIMPET235
Moderator

User avatar
 
Posts: 34378
Joined: October 19th, 2007, 1:53 am
Location: The South Coast of N.S.W. Oz.

Post Posted August 30th, 2012, 7:50 am

Apparently, there's a security risk with the latest version or ?
ref; > http://www.javatester.org/

Version 6 is available > http://www.java.com/en/download/faq/java_6.xml

One report on the subject > http://www.tweaktown.com/news/25562/new ... index.html
& a thread here > viewtopic.php?f=37&t=2524757
Ancient Amateur Astronomer
Win-7-HP/Intel® DualCore-2.0GHz/500G HDD/4 Gig Ram/550Watt PSU/350WattUPS/Firefox-20.0-30.0-36.0.1/T-bird-2.0.0.24/SnagIt-v10.0.1/MWP-7.5.0.
RadioYachting. Conficker Test.

tpaulr
 
Posts: 289
Joined: June 22nd, 2004, 8:01 am

Post Posted August 30th, 2012, 10:51 am

Apparently, older versions are also vulnerable to risks still active, if I'm reading this correctly, which makes sense.

I can't run some of my major programs without Java, I'm assuming many people are in the same boat.

I also remember some of the applications I run kept reminding me to upgrade to 1.7. As an example, I use XMind for strategic business modelling and until I upgraded to 1.7, things wouldn't render properly, and that was about 2 months ago. That was a mess for a few days.

Oracle, a constant thorn, now both at work and home.

Anyway, what is the ideal solution until Oracle fixes this, in your estimation?

From what I've read, it maybe October when they fix this issue.

Thanks...

LIMPET235
Moderator

User avatar
 
Posts: 34378
Joined: October 19th, 2007, 1:53 am
Location: The South Coast of N.S.W. Oz.

Post Posted August 30th, 2012, 10:55 am

It would appear that version 1.6 is still "secure".....according to what I've read in the links.
Ancient Amateur Astronomer
Win-7-HP/Intel® DualCore-2.0GHz/500G HDD/4 Gig Ram/550Watt PSU/350WattUPS/Firefox-20.0-30.0-36.0.1/T-bird-2.0.0.24/SnagIt-v10.0.1/MWP-7.5.0.
RadioYachting. Conficker Test.

WLS

User avatar
 
Posts: 2094
Joined: May 7th, 2010, 9:38 am
Location: Pennsylvania, USA

Post Posted August 30th, 2012, 11:10 am

Useless to you, is useful to someone else. You pompous....
AMD Athlon(tm) II X3 455 3.3GHz | 4.0GB RAM | GeForce GT 630
Kubuntu 14.10 | KDE 4.14.1

LIMPET235
Moderator

User avatar
 
Posts: 34378
Joined: October 19th, 2007, 1:53 am
Location: The South Coast of N.S.W. Oz.

Post Posted August 30th, 2012, 11:18 am

I should've said version 6.35
However, the flaw does not exist in Java version 6, so anyone who needs Java (see below) can safely run Java version 6. Anyone running Java 7 on Windows or Linux, can fall back to Java 6 by downloading the JRE (Java Runtime Environment) for Java 6 update 34 (the latest update as of today) at Oracle's Java Runtime Environment 6 Downloads page.


> http://www.java.com/en/download/manual_v6.jsp
Ancient Amateur Astronomer
Win-7-HP/Intel® DualCore-2.0GHz/500G HDD/4 Gig Ram/550Watt PSU/350WattUPS/Firefox-20.0-30.0-36.0.1/T-bird-2.0.0.24/SnagIt-v10.0.1/MWP-7.5.0.
RadioYachting. Conficker Test.

tpaulr
 
Posts: 289
Joined: June 22nd, 2004, 8:01 am

Post Posted August 30th, 2012, 11:36 am

All,

As of about 15 minutes ago, Oracle released version 7/update 7 of Java...

I have downloaded it and am now uninstalling older versions.

patrickjdempsey

User avatar
 
Posts: 22338
Joined: October 23rd, 2008, 11:43 am
Location: Asheville NC

Post Posted August 30th, 2012, 6:06 pm

Given the constant barrage of exploits in Java, I'm recommending for users who don't need it to completely remove it from their systems. Hopefully website developers will continue the trend of abandoning this technology.
Tip of the day: If it has "toolbar" in the name, it's crap.
What my avatar is about: https://addons.mozilla.org/en-US/seamonkey/addon/sea-fox/

Return to Firefox Support


Who is online

Users browsing this forum: Bing [Bot], Google Adsense [Bot], LIMPET235 and 21 guests