Skip to main content
Start a Conversation

Unsolved

This post is more than 5 years old

ky331

3 Apprentice

 • 

15.6K Posts

4091

July 8th, 2010 09:00

Oracle/Sun Java Runtime Environment 6, Update 21

Oracle/Sun Java Runtime Environment 6 Update **21**
 
Release notes http://java.sun.com/...notes/6u21.html
Download https://cds.sun.com/...S-CDS_Developer

Please remember to uncheck any unwanted 3rd party toolbars/programs which may be offered during installation.

------

Note:   For people who have java on their system (which I would assume includes most users), it is prudent to keep Java up-to-date.

For what it's worth, both Joe53 and I removed Java from our systems a few months ago, and so far, have been able to survive without it.   I personally have encountered only one web-page which I had used regularly, the Secunia ONLINE scanner (OSI), which requires Java.   I can no longer access that page, but use the Secunia Personal Software Inspector (PSI) instead.     [Certain aspects of OpenOffice also require Java, but apparently not the portions that I make use of.]

I'm not suggesting this is the "answer" for everyone... I'm sure some of you do have legitimate Java uses.   But without Java, I don't have to be concerned with all the frequent updates to it... nor about the critical vulnerabilities that also seem to be found in it.

Please note/emphasize that Java is separate/distinct from JavaScript.   I still have JavaScript enabled in my browsers, and it is used extensively on web-pages.

 

joe53

2 Intern

 • 

5.8K Posts

July 8th, 2010 12:00

There is also the option to keep JRE, but disable it in your browser(s), and disable the Java plug-in in the Java Control Panel. That way you can still re-enable it for trusted websites you use that employ it.

That *should* protect against malicious java applets, but I can't guarantee it.

Like ky, I still haven't found any websites I frequent that need JRE. (It's a bit ironic that Secunia's OSI, of all websites, should use Java).

ky331

3 Apprentice

 • 

15.6K Posts

July 8th, 2010 17:00

(It's a bit ironic that Secunia's OSI, of all websites, should use Java).

It's equally ironic (if not more so) that Secunia's PSI uses Flash --- another highly targeted vulnerable program --- to display its graphics (the program overview pie-chart and 10-week historic development bar graph).

-----------------

On a separate issue, I have also removed Adobe's Shockwave Player from all my computers.    Other than running a test at Adobe's site, I don't know that I've EVER had a need for Shockwave.   No shockwave means no more Shockwave vulnerabilities, nor need for updates.

Lest there be any confusion here, I continue to use Adobe's FLASH (and Adobe's READER).    These adobe products are all distinct, and users can choose to install only the ones they wish; i.e., you can install Flash without Shockwave [or vice versa].

While Flash is still a major target of hackers, I find it very commonly used on web sites I frequent (unlike my finding with Java), so to enjoy the "full internet experience", I choose to keep Flash around... and updated!

Was this post helpful?

View All

Top