>From the article "An important distinction that needs to be made between in-the-browser Java and the far more common Java runtime environment," says Jo DeMesy, senior analyst for Stach & Liu. "This vulnerability does not affect Web applications with utilize the Java server-side, which is by far the most common use of the Java programming language. The vulnerability lies within the Java runtime exposed to Web clients which load a malicious Java applet. This type of implementation is much less common [in enterprise applications]."
On Wed, Jan 16, 2013 at 10:59 AM, Russ Michaels <r...@michaels.me.uk> wrote: > > This vulnerability relates only to the Java app you install on your > desktop, not the JVM you run on a server, > So has no effect on CF at all, other than the Java applets used for things > like CFGRID et al will no longer work on systems that have removed java, > but no-one really uses those any more anyway. > > > > On Wed, Jan 16, 2013 at 3:43 PM, Robert Harrison < > rob...@austin-williams.com > > wrote: > > > > > I'd assume you've all been seeing the recent reports on Java. It's been > > officially announced by HomeLand Security that the zero day error and > other > > problems are too deeply embedded in Java to fix with a patch. Their > > official recommendation is to remove Java from all machines. I know > Oracle > > put out a patch for this, but reports are the patch is considered > > insufficient and the problems too close to the core to fix. Information > > Week has an article on recommending users scale back on use of Java, > remove > > it wherever possible, and do no further Java development. For example, > see: > > > > > > > http://www.darkreading.com/database-security/167901020/security/news/240146361/the-death-of-java-in-the-enterprise.html?cid=nl_DR_daily_2013-01-16_html&elq=4d908631d1b04069869fc003faf4e182 > > > > Question is: Could this be the death of CF? CF has been tenuous for > > several years now, and given that the core system on which CF is built > > (Java) is now getting bad press, what do you think this means for the > > future of CF? > > > > > > > > Robert Harrison > > Director of Interactive Services > > > > Austin & Williams > > Advertising I Branding I Digital I Direct > > 125 Kennedy Drive, Suite 100 I Hauppauge, NY 11788 > > T 631.231.6600 X 119 F 631.434.7022 > > http://www.austin-williams.com > > > > Blog: http://www.austin-williams.com/blog > > Twitter: http://www.twitter.com/austin_ > > > > > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:353933 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
