Closed
Bug 829147
Opened 11 years ago
Closed 11 years ago
Enable Click To Play for all versions of Java due to zero-day remote code execution vulnerability being actively exploited
Categories
(Toolkit :: Blocklist Policy Requests, defect, P1)
Toolkit
Blocklist Policy Requests
Tracking
()
RESOLVED
DUPLICATE
of bug 829111
People
(Reporter: mcoates, Unassigned)
References
()
Details
(Keywords: sec-critical)
All versions of Java are currently vulnerable to a zero-day remote code execution vulnerability. Popular exploit kits have been updated to exploit this vulnerability. Request: Enable click to play for all versions of Java. This will allow users to enable Java on specific sites that they trust, but will not automatically load Java on any page and prevent the most common drive by exploitation attacks. http://thenextweb.com/insider/2013/01/10/new-java-vulnerability-is-being-exploited-in-the-wild-disabling-java-is-currently-your-only-option/ http://krebsonsecurity.com/2013/01/zero-day-java-exploit-debuts-in-crimeware/ http://malware.dontneedcoffee.com/2013/01/0-day-17u10-spotted-in-while-disable.html
Updated•11 years ago
|
Status: NEW → RESOLVED
Closed: 11 years ago
Resolution: --- → DUPLICATE
Assignee | ||
Updated•8 years ago
|
Product: addons.mozilla.org → Toolkit
You need to log in
before you can comment on or make changes to this bug.
Description
•