Use App-V to deliver apps like these (or similar technology). The SystemGuard functionality keeps it segregated from the rest of the OS - i.e. the exploits may run but they can't touch anything.
On 11 February 2013 14:30, Kennedy, Jim <[email protected]>wrote: > I feel your pain. We have a legacy app from a company that has gone out > of business. We have to keep it for reporting to the State. Java 6 only. We > set up a couple separate machines and firewalled them to only hit that app > and a printer.**** > > ** ** > > ** ** > > *From:* Webster [mailto:[email protected]] > *Sent:* Monday, February 11, 2013 8:14 AM > > *To:* NT System Admin Issues > *Subject:* RE: Java**** > > ** ** > > Unfortunately, Citrix built most of their older management consoles on > Java. Java 6 is still required for most versions of XenApp. If you > install Java 7, the installer complains that Java 6 was not found and then > no install. The installer looks for Java 6 U 14 but works even if U39 is > installed. But those version of XenApp that require Java 6 are all > EOS/EOM/EOL so Citrix will not do anything to fix their consoles even > though those products will be used for years to come. There are people who > still use the former versions of XenApp (Metaframe, MetaFrame XP and > Presentation Server) that require NT4 and W2K.**** > > ** ** > > Thanks**** > > ** ** > > ** ** > > Webster**** > > ** ** > > *From:* Kennedy, Jim > [mailto:[email protected]<[email protected]>] > > *Subject:* RE: Java**** > > ** ** > > Yes, the big holes that everyone was talking about are fixed. There are > still some there though. But as you say later in the thread. 6 is dead Jim, > time to move on. It is the lesser of evils now.**** > > ** ** > > *From:* Heaton, Joseph@Wildlife > [mailto:[email protected]<[email protected]>] > > *Subject:* RE: Java**** > > ** ** > > Lol…. Very true. I was asking more along the lines of the last big 0 Day > vulnerability. I want to be able to go back to my developers and ask them > to work on making the newest technology work with our internal apps.**** > > ** ** > > *From:* Jim Kennedy > [mailto:[email protected]<[email protected]>] > > *Subject:* RE: Java**** > > ** ** > > 7 13 is better than 6 38, but I won’t say it is ‘fixed’ since it isn’t. > There are still problems and will be for years to come, imho.**** > > ** ** > > *From:* Heaton, Joseph@Wildlife > [mailto:[email protected]<[email protected]>] > > *Subject:* Java**** > > ** ** > > Anyone know if the latest Java 7 update finally seals the big > vulnerability from recent times? We’ve actually told people they can’t > update past 6u38, but would like to at some point…**** > > ** ** > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to [email protected] > with the body: unsubscribe ntsysadmin**** > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to [email protected] > with the body: unsubscribe ntsysadmin > -- *James Rankin* Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
