Quote:
Originally Posted by the_tyrant
If your paranoid
but really, just leave java support on. The chances that you will be attacked through java is extremely low.
|
Nope, the lesson people have to learn is that no software is safe.
Every one of them has vulnerabilities that can be exploited, and if that software connects to the internet you to keep your eyes open 2 times as much.
I had an old version of the JRE, and guess what ? I got infected almost 2 years ago because of a vulnerability in Java. Lesson learned. Don't go thinking for a moment that javascript is in any way more secure than Java. You just have to find the correct vulnerability and exploit it. Is pdf a secure format ? Nope, and there are thousands of ducements out there that exploit a vulnerability in Adobe's pdf viewer to attack the local system. Guess what Adobe updated its viewer. You think flash is secure ? And so on. The lesson to learn is 2 fold, one is to upgrade your software to the latest version (if you can't be bothered to do it manually because you tend to forget these things then enable auto-update) and second use a firewall and an antivirus software.
I mean even postscript documents !!! can be embeded with malicious code than can wipe your computer clean. And postscript is an interpreted language just as Java is.