dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
6099
share rss forum feed

Mele20
Premium
join:2001-06-05
Hilo, HI
kudos:5
reply to angussf

Re: JAVA 7u11 now available for download

There isn't any way to set auto update for Java on Win 8. That's because the 64bit version doesn't have it. Suits me but I was wondering what you guys were talking about since I have no autoupdate setting in the Java panel.
--
When governments fear people, there is liberty. When the people fear the government, there is tyranny. Thomas Jefferson


StuartMW
Who Is John Galt?
Premium
join:2000-08-06
Galt's Gulch
kudos:2
The 32-bit version of Java, which does have an autoupdate option, is what 99% of users use. If you have a 32-bit browser, and most likely you do, the 64-bit Java isn't used.
--
Don't feed trolls--it only makes them grow!

ctggzg
Premium
join:2005-02-11
USA
kudos:2
reply to Triple Helix
This has the same bug as 7u10 where the installer doesn't add the registry keys for the Firefox plugin. See the end of this thread for my work-around:

»Java Updates/Java SE 6 Update 38/Java SE 7u10


unavailable

@tds.net
reply to Triple Helix
Thanks!

Now, some bad news. This doesn't do a thing to fix the current zero day exploit, except that Java now has an ironically, malware looking pop up that asks for permission to run the applet.

Also, because of a combination of both Apple's and Oracles incompetence no update to 1.7u11 is available for Mac OS 10.6 aka "Snow Leopard. Which, is what I happen to run.

Now, there IS a workaround. I downloaded the 1.7u11SDK and installed it with Pacifist. I also removed Java 1.6 and that broke the Java preferences app. So, I re-installed Java 1.6 with an Apple updater and just unchecked it.

So lame... /rant


RickNY
Premium
join:2000-11-02
Farmingville, NY
Reviews:
·Optimum Online
reply to Triple Helix
Fixes nothing other than setting all security settings to 'High'. Users can still be prompted to execute exploit code, and original vulnerability still exists.

US-CERT still advises disabling Java in the web browser.

»www.us-cert.gov/cas/techalerts/T···10A.html


kkb
Object of the Panopticon

join:2000-06-11
Colorado
reply to Triple Helix
Installed 7u11, and lost the control panel thingy again!

At least I know how to launch it from the directory.

Mele20
Premium
join:2001-06-05
Hilo, HI
kudos:5

1 edit
reply to StuartMW
said by StuartMW:

The 32-bit version of Java, which does have an autoupdate option, is what 99% of users use. If you have a 32-bit browser, and most likely you do, the 64-bit Java isn't used.

I have BOTH 64bit and 32bit IE 10 on Windows 8. Both Oracle and Microsoft state to install BOTH versions. I use the 64bit version of IE even on the desktop (when I use IE which is not often), but even if using the 32 bit version Microsoft and Oracle say that IE 32 bit is mostly 64 bit on Desktop on Windows 8.

So, by installing 64bit Java for E 10 that makes the Java panel (even though my plugin browsers are all 32 bit) default to the 64 bit version which cannot be auto updated so the button is not there even though the 32 bit version I also have can be autoupdated.

I see I was right to not update (thus risking the Fx bug) since nothing is fixed. I already had the slider at "High". I will not upgrade to Fx 17 ESR either and I had planned to do that this month (before Fx 10 ESR goes unsupported). I don't want Mozilla messing with what should be MY decision about running Java and the reason I am not updating Java. Plus, I don't want Mozilla snooping on my browsing habits. They have become so extremely two faced about privacy.
--
When governments fear people, there is liberty. When the people fear the government, there is tyranny. Thomas Jefferson

baess

join:2011-01-28
reply to angussf
said by angussf:

Every time you update Java, it resets the "automatic update" frequency to ONCE A MONTH. You need to change that to daily yourself after every update if you want to rely on Java updating itself.

Even at once a month it should have checked more recently than October.

After reading the most recent posts it seems as if nothing was fixed so I think I'll disable. I did get the Java pop up on a site which as was stated looks very malware-ish.

Mele20
Premium
join:2001-06-05
Hilo, HI
kudos:5
I've had that popup for some time now because I set the earlier version of Java (10) to high for the slider. I see the slider every time I do a speed test on a variety of sites. I don't think the popup looks "malwarish" yet you are the second person in this thread to comment that it does to you. I think it is a very nice looking popup. What makes it look "malwarish"?
--
When governments fear people, there is liberty. When the people fear the government, there is tyranny. Thomas Jefferson

baess

join:2011-01-28

1 edit
reply to Mele20
said by Mele20:

said by StuartMW:

The 32-bit version of Java, which does have an autoupdate option, is what 99% of users use. If you have a 32-bit browser, and most likely you do, the 64-bit Java isn't used.

I have BOTH 64bit and 32bit IE 10 on Windows 8. Both Oracle and Microsoft state to install BOTH versions. I use the 64bit version of IE even on the desktop (when I use IE which is not often), but even if using the 32 bit version Microsoft and Oracle say that IE 32 bit is mostly 64 bit on Desktop on Windows 8.

So, by installing 64bit Java for E 10 that makes the Java panel (even though my plugin browsers are all 32 bit) default to the 64 bit version which cannot be auto updated so the button is not there even though the 32 bit version I also have can be autoupdated.

I have 32 and 64bit IE8 on Win 7 and have both 32 and 64 bit Java installed. Like Mele20 says this is what is recommended. So even though 99% use the 32 bit browser they probably should have both Java versions installed.

I access the Java control panel through Program Files>Java to see the auto update feature. Which in my case didn't even work.


unavailable

@tds.net
reply to Mele20
Click for full size
said by Mele20:

I've had that popup for some time now because I set the earlier version of Java (10) to high for the slider.

I don't think the popup looks "malwarish" yet you are the second person in this thread to comment that it does to you. I think it is a very nice looking popup. What makes it look "malwarish"?

It looks "malwarish" to me, because it's use of a non-native GUI. If we're getting the same pop-up, I can't agree at all that it's "nice looking". It's amateurish looking, at best.

Mele20
Premium
join:2001-06-05
Hilo, HI
kudos:5
Non-native GUI? What do you mean by that? Mine uses the color set up I have for Windows 8. What is wrong with that? Opera honors my colors too but Fx honors only Active Title bar colors I have and won't honor the colors for tabs vertically down the left side (uses default gray colors instead) but Opera colors the background of the vertical tabs correctly using my chosen Windows 8 colors. I admire an application that honors my colors.
--
When governments fear people, there is liberty. When the people fear the government, there is tyranny. Thomas Jefferson


unavailable

@tds.net
said by Mele20:

Non-native GUI? What do you mean by that? Mine uses the color set up I have for Windows 8. What is wrong with that?

Well, the grey background and the shield are neither OS X or Windows anything, native. The exclamation point inside the shield isn't even properly anti-aliased. Looks sloppy, and therefore malwarish.


DrStrange
Technically feasible
Premium
join:2001-07-23
West Hartford, CT
kudos:1
reply to ctggzg
Had this problem on a 32-bit XP box today. The key it didn't write was
HKLM\SOFTWARE\MozillaPlugins\@java.com\JavaPlugin,version=10.11.2 [and everything it contains]

I exported and copied it from an identical machine where the update worked. Problem solved.


beerbum
Premium
join:2000-05-06
Reading, PA
kudos:1
Reviews:
·Comcast
reply to StuartMW
said by StuartMW:

Thanks TH.

Another 0-day in 3 ... 2 ... 1

here ya go..

Less than a week has passed since Oracle patched the vulnerability in Java 7 Update 10 and another zero-day exploit which is said to work on Java 7 Update 11 is already being sold on the cybercriminal underground market.

Brian Krebs, who came across an ad for the exploit on a hacker forum on Monday, reveals that the author had offered to sell it to two people for the price of $5,000 (3,750 EUR). The buyers were promised an encrypted and weaponized version of the exploit.


Full Article:

»news.softpedia.com/news/Java-7-U···02.shtml

»www.informationweek.com/security···40146416