Secunia
Login
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Forum Thread: Secure Browsing: JRE 32-bit and 64-bit
You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.This thread was submitted in the following forum:
Programs
|
Relating to this vendor: Sun Microsystems |
And, this specific program: Sun Java JRE 1.5.x / 5.x |
| lamaslany | Secure Browsing: JRE 32-bit and 64-bit |
|---|---|
 |
2nd Jul, 2009 10:43 |
|
Ranking: 22 Posts: 19 User Since: 8th May, 2009 System Score: N/A Location: N/A |
After upgrading Secunia PSI to 1.5.0.0 it warned me that there was a problem with my browser security. To my suprise however it listed IE8 (admittedly 64-bit) as being the most secure! It seems that the problem was my installation of Sun Java. I run JRE 1.5.x as a dependancy for a couple of apps but I had JRE 1.6.x as my default system-wide JRE - which I assumed was being used by my browsers. Unfortunately I had not paid enough attention to the JRE release notes... I run 64-bit Windows (x64) and had installed the 64-bit JRE (now that 64-bit is *finally* supported). The problem is that the 64-bit JRE is not used by the 32-bit browsers. Instead my browsers have been using the 32-bit JRE 1.5.x install! I have since installed the latest 32-bit JRE 1.6.x and it fixed a couple of the references but I have a problem with "C:\Program Files (x86)\Java\jre1.5.0_19\bin\java.exe" pertaining to SA17478 (http://secunia.com/advisories/17478/) in both IE and Firefox. Is there any known way to de-reference this JRE instance completely for Firefox (and preferably IE)? Many thanks, |
| Anthony Wells | RE: Secure Browsing: JRE 32-bit and 64-bit | ||||||||
|
2nd Jul, 2009 17:29 | ||||||||
| Score: 2324 Posts: 3,203 User Since: 19th Dec 2007 System Score: N/A Location: N/A |
If you JRE 1.5 dependent , open the insecure program + link (advanced mode) look in "toolbox" and click on "ignore program" & and it will create an "ignore rule" . Click save & you can see it in the settings tab - you can write your own rules using the same format. PSI still scans the file , it just doesn't report it - so don't forget it is there -- It always seems impossible until its done. Nelson Mandela |
||||||||
|
|||||||||
| lamaslany | RE: Secure Browsing: JRE 32-bit and 64-bit | ||||||||
|
|
12th Aug, 2009 10:46 | ||||||||
| Score: 22 Posts: 19 User Since: 8th May 2009 System Score: N/A Location: N/A |
I had considered adding it as an exception but I'd rather it flag it as insecure than have PSI stop reporting on it. Otherwise if a new advisory/update is issued that makes the application an unacceptable risk I would not be informed. |
||||||||
|
|||||||||
