Enable Click To Play for all versions of Java due to zero-day remote code execution vulnerability being actively exploited

RESOLVED DUPLICATE of bug 829111

Status

()

defect
P1
normal
RESOLVED DUPLICATE of bug 829111
6 years ago
3 years ago

People

(Reporter: mcoates, Unassigned)

Tracking

({sec-critical})

Firefox Tracking Flags

(Not tracked)

Details

(URL)

All versions of Java are currently vulnerable to a zero-day remote code execution vulnerability. Popular exploit kits have been updated to exploit this vulnerability.

Request:
Enable click to play for all versions of Java. 



This will allow users to enable Java on specific sites that they trust, but will not automatically load Java on any page and prevent the most common drive by exploitation attacks.

http://thenextweb.com/insider/2013/01/10/new-java-vulnerability-is-being-exploited-in-the-wild-disabling-java-is-currently-your-only-option/
http://krebsonsecurity.com/2013/01/zero-day-java-exploit-debuts-in-crimeware/
http://malware.dontneedcoffee.com/2013/01/0-day-17u10-spotted-in-while-disable.html
No longer depends on: 829111

Updated

6 years ago
Status: NEW → RESOLVED
Last Resolved: 6 years ago
Resolution: --- → DUPLICATE
Duplicate of bug: 829111
Product: addons.mozilla.org → Toolkit
You need to log in before you can comment on or make changes to this bug.