All versions of Java are currently vulnerable to a zero-day remote code execution vulnerability. Popular exploit kits have been updated to exploit this vulnerability. Request: Enable click to play for all versions of Java. This will allow users to enable Java on specific sites that they trust, but will not automatically load Java on any page and prevent the most common drive by exploitation attacks. http://thenextweb.com/insider/2013/01/10/new-java-vulnerability-is-being-exploited-in-the-wild-disabling-java-is-currently-your-only-option/ http://krebsonsecurity.com/2013/01/zero-day-java-exploit-debuts-in-crimeware/ http://malware.dontneedcoffee.com/2013/01/0-day-17u10-spotted-in-while-disable.html
No longer depends on: 829111
Status: NEW → RESOLVED
Last Resolved: 6 years ago
Resolution: --- → DUPLICATE
Duplicate of bug: 829111
Product: addons.mozilla.org → Toolkit
You need to log in before you can comment on or make changes to this bug.