FYI... JRE / JDK 7 update 11 were released on Saturday.
JRE 7u11 http://www.oracle.com/technetwork/java/javase/downloads/jre7-downloads-1880261.html JDK 7u11 http://www.oracle.com/technetwork/java/javase/downloads/jdk7-downloads-1880260.html it fixes the security holes in the browser plug-in component, widely reported on the IT and mainstream press last Thursday-Friday, many of which included the usual misinformation-FUD recommending to "uninstall Java" (the whole JVM) instead of just disabling the browser plug-in. In the release notes, ORCL says it has made the browser plug-in NOT RUN by default any UNSIGNED or "Self-signed" applets without user confirmation. This effectively should make "zero click surface" attacks not possible anymore. Firefox 18 also added a feature asking users to confirm before running any plug-in content on each web page or a per-page basis. Thus creating a double-confirmation to run unsigned or self-signed applets. FC -- During times of Universal Deceit, telling the truth becomes a revolutionary act Durante épocas de Engaño Universal, decir la verdad se convierte en un Acto Revolucionario - George Orwell -- You received this message because you are subscribed to the Google Groups "Java Posse" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/javaposse?hl=en.
