| Author |
Topic: Sun Java has been updated - Run Secunia Software Inspector |
Wiz Feinberg
From:
Mid-Michigan, USA
|
Posted 5 Mar 2008 7:25 am |
|
Sun Corporation has just released an updated version of their ubiquitous Java Virtual Machine. The new version is 6.0.50.0 and it patches known exploitable vulnerabilities. If you have the Java plug-in on any browser you should update the the current version.
One can update by going to the source, at: http://www.java.com/, or by running the Secunia Software Inspector (which requires Java). Either method will get you up to the current, patched level.
After you have updated Java and restarted your browser, please uninstall all previous versions of Java, for safety sake, as they remain exploitable by specifically targeted attacks. All Java machines can be removed via Control Panel > Add/Remove Programs. Just don't uninstall the newest version!
_________________
"Wiz" Feinberg, Moderator SGF Computers Forum
Security Consultant
Twitter: @Wizcrafts
Main web pages: Wiztunes Steel Guitar website | Wiz's Security Blog | My Webmaster Services | Wiz's Security Blog |
|
|
 |
Bent Romnes
From:
London,Ontario, Canada
|
Posted 5 Mar 2008 8:37 am
|
|
I just scanned with Secunia and was not prompted to get that one. I guess that means I have it?
Other issues:
Secunia wanted me to dl the Personal Software Inspector program (PSI). Wiz, is it ok to do so or is it best to just continue having Secunia scan my system on the web site?
Also: The scan told me I needed the 9.X version of Macromedia Flash and that 6.X was insecure.
I dl'd the new one and uninstalled the 6X.
Upon scanning anew, Secunia detected 6.X still on my system. What gives? |
|
|
|
Wiz Feinberg
From:
Mid-Michigan, USA
|
Posted 5 Mar 2008 10:40 am
|
|
| Bent Romnes wrote: |
| I just scanned with Secunia and was not prompted to get that one. I guess that means I have it? |
Not necessarily true. Please navigate to http://www.java.com/en/download/manual.jsp and use the link on the right, labeled "Verify Now." The results will verify if you do in fact have the most current version installed, in that particular browser. If you have more than one browser you should download the complete, offline installation package for your operating system. After installing the updates close and restart all open browsers of all makes.
| Quote: |
Other issues:
Secunia wanted me to dl the Personal Software Inspector program (PSI). Wiz, is it ok to do so or is it best to just continue having Secunia scan my system on the web site? |
I do have the PSI installed, but it only works from my administrator level account, which I don't normally use. Therefore, unless you always operate as a Computer Administrator the online Software Inspector will do just fine.
| Quote: |
Also: The scan told me I needed the 9.X version of Macromedia Flash and that 6.X was insecure.
I dl'd the new one and uninstalled the 6X.
Upon scanning anew, Secunia detected 6.X still on my system. What gives? |
That is a really old version of Flash. You will have to read the results shown by the Software Inspector to find the path and file names of the insecure files, then navigate to them in Windows Explorer and delete them manually. Left over flash files are exploitable. The newest version of Adobe Flash does make an effort to remove some older files, but is not always 100% successful, especially when they are version 6.x and were are now at version 9.x.
_________________
"Wiz" Feinberg, Moderator SGF Computers Forum
Security Consultant
Twitter: @Wizcrafts
Main web pages: Wiztunes Steel Guitar website | Wiz's Security Blog | My Webmaster Services | Wiz's Security Blog |
|
|
|
Bent Romnes
From:
London,Ontario, Canada
|
Posted 5 Mar 2008 8:37 pm
|
|
Ok, thanks Wiz.
You're thorough as usual |
|
|
|
