Re: Vulnerabilities in Microsoft's Java implementation

[Damon McMahon <inst_karma () hotmail com>]

In-Reply-To: <Pine.LNX.4.33.0209091507490.19081-100000 () lissu solutions fi>

Since Sun's implementation of the JVM is not vulnerable
AFAYK, would installing Sun's Java VM and then
configuring it to handle Java applets in IE be an
acceptable workaround?

> WORKAROUNDS
> ===========
>
> Microsoft was first contacted in July 2002 and started
their 
> investigation of potential Java vulnerabilities. More
of them were found 
> during August and reported to the vendor. Microsoft
has acknowledged most 
> of the vulnerabilities and is currently working on a
patch to correct 
> them.
>
> To protect themselves, Internet Explorer and Outlook
(Express) users can 
> disable Java Applets until the patch is released. This
can be done in 
> Internet Options -> Security -> Internet -> Custom
Level -> Microsoft 
> VM, select "Disable Java".
>
> If you want to use an Applet on a certain web site you
trust, you can add
> the site to the Trusted Sites zone and enable Applets
in that zone.
>