Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > comp.sys.mac.system > #23550 > unrolled thread
| Started by | Fred Moore <fmoore@gcfn.org> |
|---|---|
| First post | 2012-04-09 13:07 -0400 |
| Last post | 2012-04-10 12:09 +1200 |
| Articles | 4 — 4 participants |
Back to article view | Back to comp.sys.mac.system
Does Flashback affect Doze? Fred Moore <fmoore@gcfn.org> - 2012-04-09 13:07 -0400
Re: Does Flashback affect Doze? nospam <nospam@nospam.invalid> - 2012-04-09 13:35 -0400
Re: Does Flashback affect Doze? Lloyd <lloydparsons@me.com> - 2012-04-09 13:16 -0500
Re: Does Flashback affect Doze? dempson@actrix.gen.nz (David Empson) - 2012-04-10 12:09 +1200
| From | Fred Moore <fmoore@gcfn.org> |
|---|---|
| Date | 2012-04-09 13:07 -0400 |
| Subject | Does Flashback affect Doze? |
| Message-ID | <fmoore-F45F25.13071909042012@news.eternal-september.org> |
I presume Doze can use Java too. Does anyone know if any variant of Flashback affects that OS? If not, why not? TIA
[toc] | [next] | [standalone]
| From | nospam <nospam@nospam.invalid> |
|---|---|
| Date | 2012-04-09 13:35 -0400 |
| Message-ID | <090420121335028031%nospam@nospam.invalid> |
| In reply to | #23550 |
In article <fmoore-F45F25.13071909042012@news.eternal-september.org>, Fred Moore <fmoore@gcfn.org> wrote: > I presume Doze can use Java too. Does anyone know if any variant of > Flashback affects that OS? If not, why not? TIA the vulnerability was patched months ago on windows.
[toc] | [prev] | [next] | [standalone]
| From | Lloyd <lloydparsons@me.com> |
|---|---|
| Date | 2012-04-09 13:16 -0500 |
| Message-ID | <lloydparsons-959D6F.13163309042012@news.eternal-september.org> |
| In reply to | #23554 |
In article <090420121335028031%nospam@nospam.invalid>, nospam <nospam@nospam.invalid> wrote: > In article <fmoore-F45F25.13071909042012@news.eternal-september.org>, > Fred Moore <fmoore@gcfn.org> wrote: > > > I presume Doze can use Java too. Does anyone know if any variant of > > Flashback affects that OS? If not, why not? TIA > > the vulnerability was patched months ago on windows. So has there been a more recent patch? If not, Windows Java is at risk again.
[toc] | [prev] | [next] | [standalone]
| From | dempson@actrix.gen.nz (David Empson) |
|---|---|
| Date | 2012-04-10 12:09 +1200 |
| Message-ID | <1kibwuz.ol7o751s9vckuN%dempson@actrix.gen.nz> |
| In reply to | #23560 |
Lloyd <lloydparsons@me.com> wrote: > In article <090420121335028031%nospam@nospam.invalid>, > nospam <nospam@nospam.invalid> wrote: > > > In article <fmoore-F45F25.13071909042012@news.eternal-september.org>, > > Fred Moore <fmoore@gcfn.org> wrote: > > > > > I presume Doze can use Java too. Does anyone know if any variant of > > > Flashback affects that OS? If not, why not? TIA > > > > the vulnerability was patched months ago on windows. > > So has there been a more recent patch? No, there hasn't. Java 6 Update 31 is the current version. > If not, Windows Java is at risk again. What gives you that idea? If there _had_ been a more recent Java patch then new vulnerabilities would have been announced, which means _Mac_ users and Windows users who have not installed the latest Java update would be at risk of new variants of malcious software. If Oracle has not released a more recent Java patch then they also haven't announced any new known vulnerabilities, so the malware authors would have to expend more effort to find previously unknown security issues and exploit them. (Announced vulnerabilities give the malware authors a much more targetted area to probe.) Oracle released Java 6 Update 31 in February. It took Apple about two months to release the Mac version, which gave malware authors a reasonable window in which to locate and exploit a published vulnerability, and to get widespread distrubution to Macs, a high proportion of which were vulnerable and had no Java patch available to fix the problem. -- David Empson dempson@actrix.gen.nz
[toc] | [prev] | [standalone]
Back to top | Article view | comp.sys.mac.system
csiph-web