Secunia CSI7
Advisories
Research
Forums
Create Profile
Our Commitment
PSI
PSI API
CSI
OSI
xSI
Vulnerabilities
Programs
Open Discussions
My Threads
Create Thread
Statistics
About

Forum Thread: fixing Sun Java JRE 1.6.x / 6.x threats

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
Programs

Relating to this vendor:
Sun Microsystems
And, this specific program:
Oracle Java JRE 1.6.x / 6.x

This thread has been marked as locked.
gvlucha fixing Sun Java JRE 1.6.x / 6.x threats
Member 13th Oct, 2010 21:29
Ranking: 0
Posts: 1
User Since: 1st Sep, 2010
System Score: N/A
Location: N/A
I have at least 9 listings of threats similar to this.
The version numbers are identical. What's up with Sun and why don't the old versions get wiped out when I upgrade each time?

What do I need to uninstall to get rid of these warnings about Sun?

Sun Java JRE 1.5.x / 5.x [I got 5 of these]

Sun Java JRE 1.6.x / 6.x [I got 3 of these]

Maurice Joyce RE: fixing Sun Java JRE 1.6.x / 6.x threats
Handling Contributor 13th Oct, 2010 21:33
Score: 11792
Posts: 9,036
User Since: 4th Jan 2009
System Score: N/A
Location: UK
Go to Control Panel>add/remove. Uninstall ALL version of JRE or JSE or JDK or JAVA(TM) that U find EXCEPT JAVA(TM) 6 Update 22.

If U have not got JAVA(TM) 6 Update 22 U can now install that from here:

http://www.java.com/en/download/manual.jsp

--
Maurice

Windows 7 SP1 64 Bit OS
HP Intel Pentium i7
IE 11 for Windows 7 SP1
16GB RAM
Was this reply relevant?
+2
-0
RxDdude RE: fixing Sun Java JRE 1.6.x / 6.x threats
Member 14th Oct, 2010 07:44
Score: 4
Posts: 33
User Since: 20th Aug 2009
System Score: N/A
Location: US
Maurice,
I know you are a very knowledgeable guy, and so, please allow me to ask you to advise us in the community of the Great Unwashed via this forum:

After we Uninstall all our old Java JRE versions, and then after we shall have installed the Update 22 from the link you gave us, ought we to decide that thenceforth we shall Uninstall our latest Java JRE each time a new patched version shows up to replace it, PRIOR TO installing the newly patched JRE?

Falling Rock



--
R&DDude
========================================
All I really need to know in life, I learned from the
theory of relativity!
--------------------------------------------
“Everything should be completed as soon as possible.
And, not sooner.”
– attributed to Al Einstein
============================================
HP Pavilion a1020n / Win XP Pro SP3 (x86) / AMI BIOS 3.19
Intel P4 519J 3.06 GHz / 2 GB DDR2 PC-4200
140 GB free on System partition
Firefox 3.6.15 / NoScript 2.0.9.9 / M$ IE 8.0 (rarely used)
Comodo IS 2011 v5.3 / M$ Security Essentials v1.99.1103.0
============================================
Was this reply relevant?
+0
-0
Maurice Joyce RE: fixing Sun Java JRE 1.6.x / 6.x threats
Handling Contributor 14th Oct, 2010 09:20
Score: 11792
Posts: 9,036
User Since: 4th Jan 2009
System Score: N/A
Location: UK
Not really. What should happen is the latest JAVA U install should remove all traces of the old copy during the install process.

It has a limitation. It will only uninstall the previous copy therefore if U have more than one, that sadly some still do, it creates a problem.

If U now only have JAVA(TM) 6 Update 22 installed the next time should be a breeze with just the one manual dowload/install or PSI will do it for U & leave no "dross" to clear up.

The same applies if U also have the 64 Bit version installed as well.

--
Maurice

Windows 7 SP1 64 Bit OS
HP Intel Pentium i7
IE 11 for Windows 7 SP1
16GB RAM
Was this reply relevant?
+1
-0
Anthony Wells RE: fixing Sun Java JRE 1.6.x / 6.x threats
Expert Contributor 14th Oct, 2010 11:38
Score: 2445
Posts: 3,336
User Since: 19th Dec 2007
System Score: N/A
Location: N/A

If it helps you , yesterday , I used the PSI 2.0 Beta (version 1.9.0.4) "auto-update" facility to install the latest Java 6 U22 over U21 .

I have "prompt" selected , so the Java programme placed itself at the top of the results page and told me U21 was "insecure" and asked to confirm the "auto-update" . I closed both of my open browsers (needed for the installer to run) and agreed the install - the installer checks every minute to see if it is free to operate - and so it started almost immediately . A message showed each step of the process and after running a final check , I was shown as updated and the programme returned to it's normal place in the results list .

Updating Java takes a few minutes whether you do it manually or let the PSI do it for you , so you need to be patient and let it work by itself .

Using the open folder icon , I can see that all the old U21 files have gone and I have a clean U22 .

Take care

Anthony

--


It always seems impossible until its done.
Nelson Mandela
Was this reply relevant?
+1
-0

This thread has been marked as locked.


 Products Solutions Customers Partner Resources Company
 
 Corporate
Vulnerability Intelligence Manager (VIM)
Corporate Software Inspector (CSI)
Consumer
Personal Software Inspector (PSI)
Online Software Inspector (OSI)
 Industry
Compliance
Technology
Integration
 Customers
Testimonials
 VARS
MSSP
Technology Partners
References
 Reports
Webinars
Events
 About us
Careers
Memberships
Newsroom


 
© 2002-2014 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144
Terms & Conditions and Copyright - Privacy - Report Vulnerability - Disclaimer