On Fri, Apr 9, 2010 at 12:08 PM, Tavis Ormandy <tav...@sdf.lonestar.org> wrote:

> -------------------
> Mitigation
> -----------------------
> - Mozilla Firefox and other NPAPI based browser users can be protected using
>  File System ACLs to prevent access to npdeploytk.dll.

Just for the record (since I had to go hunting to find out), Giorgio
Maone says NoScript will protect Firefox users (so long as you haven't
whitelisted the relevant website for other purposes) :

As a lot of folks are concluding, it's better to just uninstall Java
altogether (at least till Soracle sorts out the various appalling
design decisions they seem to have made with this product), but some
of us are stuck with workstations that need Java installed for one
reason or another.

Leave the Olympics in Greece, where they belong.

Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Reply via email to