On 19 Sep 2002 dev-null@no-id.com wrote: > Does anybody else find it disturbing that today's JVM patch can only be > installed through Windows Update, and the Windows Update site now What's perhaps more disturbing is that most of the reported JVM vulnerabilities weren't fixed yet and an Applet can still execute arbitrary code by exploiting the remaining ones. So even with the patch, enabling MS's Java for IE and the Internet Zone isn't a good idea right now. -- Jouko Pynnonen Online Solutions Ltd Secure your Linux - joukoat_private http://www.solutions.fi http://www.secmod.com _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
This archive was generated by hypermail 2b30 : Thu Sep 19 2002 - 15:47:59 PDT