Full Disclosure mailing list archives
How to disable Java Deployment Toolkit
From: Kristof Zelechovski <giecrilj () stegny 2a pl>
Date: Wed, 14 Apr 2010 12:15:33 +0200
Regarding the Java Deployment <http://seclists.org/fulldisclosure/2010/Apr/119> Toolkit vulnerability: On Windows XP and later: open the Local Security Settings console and create a prohibition <ms-its:C:\WINDOWS\help\SAFERconcepts.chm::/SRP_path.htm> rule for the path %HKEY_LOCAL_MACHINE\SOFTWARE\JavaSoft\Java Web Start\1.6.0_19\HOME%/JAVAWS.EXE After you do that, the demo <http://lock.cmpxchg8b.com/bb5eafbc6c6e67e11c4afc88b4e1dd22/testcase.html> exploit should not work any more. HTH, Chris
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- How to disable Java Deployment Toolkit Kristof Zelechovski (Apr 15)
- Re: How to disable Java Deployment Toolkit Nick Boyce (Apr 16)
- Re: How to disable Java Deployment Toolkit Křištof Želechovski (Apr 18)
- Re: How to disable Java Deployment Toolkit Nick Boyce (Apr 16)