Secunia CSI7
Advisories
Research
Forums
Create Profile
Our Commitment
PSI
PSI API
CSI
OSI
xSI
Vulnerabilities
Programs
Open Discussions
My Threads
Create Thread
Statistics
About

Forum Thread: 6 update 26 (build 1.6.0_26-b03)

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
PSI

This thread has been marked as locked.
bonnie23 6 update 26 (build 1.6.0_26-b03)
Member 16th Jul, 2011 20:47
Ranking: 0
Posts: 18
User Since: 8th Nov, 2009
System Score: 100%
Location: US
Last edited on 16th Jul, 2011 20:51

Can't find any information on how to disable or apply a work around as Secunia suggest...for this risk. I know that I can go into add/remove programs and remove it, but what are the consequences until a fix is released by Sun Java? This risk is showing up in all three of my browsers...FF, IE8, and Google Chrome. Secunia PSI is listing this risk as (Sun Java JRE 1.6x/ 6.x cat. 4. I am finding the risk in "Secure Browsing" not in programs. (SA45173) My OS is XP SP3. Any suggestions on what to do and how to do it would be appreciated.

--
bonnie23

Anthony Wells RE: 6 update 26 (build 1.6.0_26-b03)
Expert Contributor 16th Jul, 2011 21:04
Score: 2384
Posts: 3,280
User Since: 19th Dec 2007
System Score: N/A
Location: N/A
Last edited on 16th Jul, 2011 21:27
Hi bonnie ,

Java is not essential for your computer and can be "removed" without any consequences to your actual system . Some programmes and websites are dependent on Java , as for example , Secunia's OSI scanner .

If you delete Java (temporarily) you will be safe ; if a programme/website needs it you will likely be prompted to install it , or if one stops working , it should be apparent that it is because you do not have Java . Whether you (re)install the insecure version is up to you .

Once it is updated , you could relaod it anew , should you so wish .

If it is removed , then the PSI cannot advise you when the update is out so you will need to check here every so often or check the Advisory to see if it is updated :-

http://secunia.com/advisories/45173/

Hope that helps you .

Take care

Anthony

PS: some people find the EMET tool is useful to them in these kind of situations :-

http://support.microsoft.com/kb/2458544

PPS : an Oracle critical patch is expected to be issued on Tuesday 19th July , I do not know if it will fix the insecurity (in the SA) as such , as Sun Java is not specified :-

http://www.oracle.com/technetwork/topics/security/...

Please excuse the editing :(((





--


It always seems impossible until its done.
Nelson Mandela
Was this reply relevant?
+2
-0
bonnie23 RE: 6 update 26 (build 1.6.0_26-b03)
Member 17th Jul, 2011 19:15
Score: 0
Posts: 18
User Since: 8th Nov 2009
System Score: 100%
Location: US
Thank you for the feedback...I am going to remove Java and follow your instructions to check back to this link or to the Advisory as often as I can. I will check back here or with Oracle on the 19th to see if the critical patch will include Sun Java.

--
bonnie23
Was this reply relevant?
+0
-0

This thread has been marked as locked.


 Products Solutions Customers Partner Resources Company
 
 Corporate
Vulnerability Intelligence Manager (VIM)
Corporate Software Inspector (CSI)
Consumer
Personal Software Inspector (PSI)
Online Software Inspector (OSI)
 Industry
Compliance
Technology
Integration
 Customers
Testimonials
 VARS
MSSP
Technology Partners
References
 Factsheets
Reports
Webinars
Events
 About us
Careers
Memberships
Newsroom


 
© 2002-2014 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144
Terms & Conditions and Copyright - Privacy - Report Vulnerability