I would think that Firefox with NoScript would offer some protection, but I don't have the correct expertise to know or test that myself currently.
Would welcome any info yes or no about Firefox+NoScript and/or Google Chrome and this Zero Day.
How To Disable Java in Browsers:
How To Disable Java in Google Chrome: enter chrome://plugins/ in location bar (where URL's go, NOTE: you can Bookmark chrome://plugins/ so you don't have to manually type it in future), then click Disable. See http://nakedsecurity.sophos.com/how-to-disable-java-chrome/ for illustrations/screenshots.
How To Disable Java in Firefox: Go to Add Ons (or Tools then Add Ons depending on your OS), click the Add Ons Tab, Disable Java. See http://nakedsecurity.sophos.com/how-to-disable-java-firefox/ for Screenshots.
How To Disable Java on IE (Internet Explorer), I haven't used IE in so many years, I am not going to write anything, just go to http://nakedsecurity.sophos.com/how-to-disable-java-internet-explorer/ for clear instructions with Screenshots, I think it is easier just to uninstall Java if your using IE, but I don't trust my memory on IE, because it has been so long since I used it.
How to Disable Java in Safari: Easily done, go to Preferences in Safari, Select Security, Uncheck Java. Again for Screenshots see http://nakedsecurity.sophos.com/how-to-disable-java-safari/
Honestly I reccomend leaving it disabled, all my Browsers have had it disabled for a long time, I have not noticed any problems.
I recommend the same for Javascript.
For further reading:
- http://blog.fireeye.com/research/2013/01/happy-new-year-from-new-java-zero-day.html
- http://krebsonsecurity.com/2013/01/zero-day-java-exploit-debuts-in-crimeware/
- http://nakedsecurity.sophos.com/2013/01/10/protect-yourself-against-latest-java-zero-day-vulnerability-now-maljavajar-b/
- http://www.kb.cert.org/vuls/id/625617
- http://www.livehacking.com/2013/01/11/new-zero-day-java-7-vulnerability-being-exploited-in-the-wild/
No comments:
Post a Comment