There is also the option to keep JRE, but disable it in your browser(s), and disable the Java plug-in in the Java Control Panel. That way you can still re-enable it for trusted websites you use that employ it.
That *should* protect against malicious java applets, but I can't guarantee it.
Like ky, I still haven't found any websites I frequent that need JRE. (It's a bit ironic that Secunia's OSI, of all websites, should use Java).
(It's a bit ironic that Secunia's OSI, of all websites, should use Java).
It's equally ironic (if not more so) that Secunia's PSI uses Flash --- another highly targeted vulnerable program --- to display its graphics (the program overview pie-chart and 10-week historic development bar graph).
-----------------
On a separate issue, I have also removed Adobe's Shockwave Player from all my computers. Other than running a test at Adobe's site, I don't know that I've EVER had a need for Shockwave. No shockwave means no more Shockwave vulnerabilities, nor need for updates.
Lest there be any confusion here, I continue to use Adobe's FLASH (and Adobe's READER). These adobe products are all distinct, and users can choose to install only the ones they wish; i.e., you can install Flash without Shockwave [or vice versa].
While Flash is still a major target of hackers, I find it very commonly used on web sites I frequent (unlike my finding with Java), so to enjoy the "full internet experience", I choose to keep Flash around... and updated!
joe53
2 Intern
•
5.8K Posts
0
July 8th, 2010 12:00
There is also the option to keep JRE, but disable it in your browser(s), and disable the Java plug-in in the Java Control Panel. That way you can still re-enable it for trusted websites you use that employ it.
That *should* protect against malicious java applets, but I can't guarantee it.
Like ky, I still haven't found any websites I frequent that need JRE. (It's a bit ironic that Secunia's OSI, of all websites, should use Java).
ky331
3 Apprentice
•
15.6K Posts
0
July 8th, 2010 17:00
(It's a bit ironic that Secunia's OSI, of all websites, should use Java).
It's equally ironic (if not more so) that Secunia's PSI uses Flash --- another highly targeted vulnerable program --- to display its graphics (the program overview pie-chart and 10-week historic development bar graph).
-----------------
On a separate issue, I have also removed Adobe's Shockwave Player from all my computers. Other than running a test at Adobe's site, I don't know that I've EVER had a need for Shockwave. No shockwave means no more Shockwave vulnerabilities, nor need for updates.
Lest there be any confusion here, I continue to use Adobe's FLASH (and Adobe's READER). These adobe products are all distinct, and users can choose to install only the ones they wish; i.e., you can install Flash without Shockwave [or vice versa].
While Flash is still a major target of hackers, I find it very commonly used on web sites I frequent (unlike my finding with Java), so to enjoy the "full internet experience", I choose to keep Flash around... and updated!