This is exactly what we have done. Thanks. Good to hear others recommend it.
From: Kennedy, Jim [mailto:[email protected]] Sent: Friday, January 25, 2013 10:09 AM To: NT System Admin Issues Subject: RE: Java 7 0day actively exploited in the wild | BeyondTrust If it is over the internet.add that site to trusted and disable java in the 'internet zone'. http://blogs.msdn.com/b/ieinternals/archive/2011/05/15/controlling-java-in-i nternet-explorer.aspx From: Andrew S. Baker [mailto:[email protected]] Sent: Friday, January 25, 2013 11:04 AM To: NT System Admin Issues Subject: Re: Java 7 0day actively exploited in the wild | BeyondTrust Be advised that the primary vector for Java exploits into an organization is via the web browser plugin. So, unless your B2B app is over the public network, or requires that the browser plugin be operational, you have some measure of risk reduction. ASB <http://xeeme.com/AndrewBaker> http://XeeMe.com/AndrewBaker Providing Virtual CIO Services (IT Operations & Information Security) for the SMB market. On Tue, Jan 15, 2013 at 1:21 PM, Sam Cayze <[email protected]> wrote: >>>Does the reward outweigh the risk? The reward is we get to stay in business :) We have a major partner that requires us to run it for a B2B app. So, we have to use it. But I've made it so just one user uses that app. That and the occasional WebEx stuff, but I uninstall it from people's PCs right afterwards. So looks like 6 is now the flavor of the month. Hard to keep track. Speaking of months, v6 is EOL in FEB. We'll no longer have the options between 6 and 7 going forward to sidestep all these issues :( Sam -----Original Message----- From: Kennedy, Jim [mailto:[email protected]] Sent: Tuesday, January 15, 2013 12:10 PM To: NT System Admin Issues Subject: RE: Java 7 0day actively exploited in the wild | BeyondTrust Correct, but 6 is vulnerable to it's own set of exploits that were never fixed and they are well known. Arguably the bad guys are paying more attention to attacking 7 now so theoretically you are safer with 6. Bottom line, java is insecure no matter what you do and will be that way for several years to come, imho. Risk vs reward. What is the reward for your org for continuing to allow java to run? Does the reward outweigh the risk? -----Original Message----- From: Sam Cayze [mailto:[email protected]] Sent: Tuesday, January 15, 2013 12:24 PM To: NT System Admin Issues Subject: RE: Java 7 0day actively exploited in the wild | BeyondTrust Am I right in assuming that the latest version of version 6 is, or was, NOT affected by this? Can't find anything out there that suggests it was... -----Original Message----- From: Kennedy, Jim [mailto:[email protected]] Sent: Friday, January 11, 2013 1:34 PM To: NT System Admin Issues Subject: RE: Java 7 0day actively exploited in the wild | BeyondTrust http://www.zdnet.com/homeland-security-warns-to-disable-java-amid-zero-day-f <http://www.zdnet.com/homeland-security-warns-to-disable-java-amid-zero-day- flaw-7000009713/> law-7000009713/ ________________________________________ From: Mark Boeck [[email protected]] Sent: Friday, January 11, 2013 12:15 PM To: NT System Admin Issues Subject: Re: Java 7 0day actively exploited in the wild | BeyondTrust lol - a friend of mine, a microsoft security mvp, starts her blog off like this: how to uninstall java! http://securitygarden.blogspot.com/2013/01/java-zero-day-again-time-to.html only after that does she post some links about the threat - > - ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected]<mailto:[email protected] re.com> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
