Ramblings of an old Doc

 

Ok, Oracle. I’ve had it with you.

Thank G-d for Martin Brinkmann and gHacks.net.

Just finished my postprandial nap, and went to my email only to discover the above.

Turns out that since April 2012, the Poland-based company “Security Explorations” has notified Oracle about 29 vulnerabilities. Since the patch, the company has discovered yet another vulnerability, one that allows a breach of Java’s sandbox. According to the Polish company, two of these vulnerabilities have been exploited in the past few days.

gHacks recommends Java be uninstalled (or disabled in your browser(s)) yet again.

In all honesty, who needs it?

If you use Chrome, type chrome://chrome/settings/content in the address bar and then, under “Plug-ins”, choose “Click to play”, or:

Wrench icon > Options > Under The Hood > Content Settings button > Click to play under Plug-ins

Comodo Dragon: Type Dragon://chrome/settings/content and do the same as described for Chrome (above).

If you use Firefox: Firefox button > Add-ons > Extensions > Plugins > disable button for the Java plug-ins (on the right).

If you play with the Firefox nightly build, you can’t get this feature to work, so I’d advise (for security) moving to the RTM version of the browser and then disabling it as above.

Opera: Opera button > Settings > Preferences > Advanced > Content > Enable plug-ins only on demand.

Martin Brinkmann recommends you uninstall the browser’s Java plugin altogether.

Another viable option is to install the extension “NoScript”, which will prevent Java from running in your browser unless you decide to trust a given site and “whitelist” it.

Source:

http://www.ghacks.net/2012/09/02/warning-java-still-vulnerable-after-patch/?_m=3n%2e0038%2e630%2ehj0ao01hy5%2en8f


Comments
on Sep 02, 2012

Even more "Argh".

on Sep 02, 2012

NoScript might be the best option. Lots of legitimate commercial/financial sites won't work without Java, sadly.