-2

I've seen IE 6 to 10 can be easaily exploited using the Zero Day Java Exploit (CVE-2013-0422) And If the IE have been exploited.. We can access the hardisk file even cookies or password.. That's very dangerous

This is the screenshot

And Google Chrome must be have the Java extention..

The question is Is Google Chrome can be potential to the Java 0 Day Exploit.???

dytra
  • 164
  • 2
  • 12

1 Answers1

1

Yes. If the browser has Java enabled (not Javascript) then it is just as vulnerable as anything else running a vulnerable version of Java. This applies for Firefox, Safari, etc.

The only way to protect yourself is to disable the Java plugin/extension and wait for a patch.

supersam654
  • 3,126
  • 33
  • 34
  • Oh thanks. So you mean the java runtime no the javascript in the browser right. So It doesn't matter if I enable the javascript .. Coz almost All website using javascript.. Better disable my Java first – dytra Jan 22 '13 at 00:11
  • 1
    @supersam654 Oracle already released 7u11 that's supposed to correct the problem, – fvu Jan 22 '13 at 00:12
  • @fvu Yes and I'm glad they did. However, this applies to any Java exploit (be it zero-day or old). – supersam654 Jan 22 '13 at 00:19
  • Hey So you mean There's a previous 0 day java exploit :O – dytra Jan 22 '13 at 00:39
  • There have been tons of security problems! A quick [link](http://www.infoq.com/news/2010/10/java-exploit-uptick) I found off of the Wikipedia page explains more. Most incremental updates (6.21 to 6.22 for example) usually contain at least a dozen patches. A good amount of them are usually security related. – supersam654 Jan 22 '13 at 00:47
  • Hoho Sorry, I'm not a security guy.Hehe But thanks for the information , u're a good guy ;) – dytra Jan 22 '13 at 01:13