Bugtraq mailing list archives
Re: Vulnerabilities in Microsoft's Java implementation
From: Damon McMahon <inst_karma () hotmail com>
Date: 11 Sep 2002 04:30:10 -0000
In-Reply-To: <Pine.LNX.4.33.0209091507490.19081-100000 () lissu solutions fi> Since Sun's implementation of the JVM is not vulnerable AFAYK, would installing Sun's Java VM and then configuring it to handle Java applets in IE be an acceptable workaround?
WORKAROUNDS =========== Microsoft was first contacted in July 2002 and started
their
investigation of potential Java vulnerabilities. More
of them were found
during August and reported to the vendor. Microsoft
has acknowledged most
of the vulnerabilities and is currently working on a
patch to correct
them. To protect themselves, Internet Explorer and Outlook
(Express) users can
disable Java Applets until the patch is released. This
can be done in
Internet Options -> Security -> Internet -> Custom
Level -> Microsoft
VM, select "Disable Java". If you want to use an Applet on a certain web site you
trust, you can add
the site to the Trusted Sites zone and enable Applets
in that zone.
Current thread:
- Vulnerabilities in Microsoft's Java implementation Jouko Pynnonen (Sep 09)
- <Possible follow-ups>
- Re: Vulnerabilities in Microsoft's Java implementation Damon McMahon (Sep 11)
- Re: Vulnerabilities in Microsoft's Java implementation Gwendal Stevanazzi (Sep 11)
- Re: Vulnerabilities in Microsoft's Java implementation Mike Duncan (Sep 11)