Because it seems that with .NET, problems are actually fixed; no one gives Microsoft the credit they deserve! When is the last time you have heard of the bad guys touching an ASP.net web site with there poison code?
From: [email protected] [mailto:[email protected]] On Behalf Of Ken Schaefer Sent: Friday, January 11, 2013 7:31 AM To: ozDotNet Subject: RE: [OT] Java 0-day vulnerability I think I've seen plenty of suggestions to avoid using IE in similar circumstances. From: [email protected]<mailto:[email protected]> [mailto:[email protected]] On Behalf Of Wallace Turner Sent: Friday, 11 January 2013 4:53 PM To: ozDotNet Subject: [OT] Java 0-day vulnerability http://thenextweb.com/insider/2013/01/10/new-java-vulnerability-is-being-exploited-in-the-wild-disabling-java-is-currently-your-only-option/ >Overview - Java 7 Update 10 and earlier contain an unspecified vulnerability >that can allow a remote, unauthenticated attacker to execute arbitrary code on >a vulnerable system. >We recommend that regardless of what browser and operating system you're >using, you should uninstall Java if you don't need it. If you do need it, use >a separate browser when Java is required, and make sure to disable Java in >your default browser. Most 'media' sites recommend the same action (perhaps they got it from the same source) - I can't help but feel a little sorry for Java and the conspiracist in me is firing up. If I had a dollar for every time there was a windows/IE.NET vulnerability with the same risk ( allow a remote, unauthenticated attacker to execute arbitrary code) ... and no media outlet suggests uninstalling windows or .NET.
