Jump to content


Zero-Day Java 7 Exploit


  • This topic is locked This topic is locked
13 replies to this topic

#1 Kevin♫

Kevin♫

    Lead the charge

  • Posts:9,800
  • Joined:21-January 07
  • RS Name:King Bradley
  • RS Status:Oldschool

Posted 13 January 2013 - 12:45 PM

We have been following the news very carefully about the zero day exploit in Java 7 and wanted to post a quick reminder to keep not only your RuneScape account safe but your PC as well by being careful about what sites you visit and potentially not upgrading to Java 7 until the exploit is patched. While your computer is in no danger while continuing to play RuneScape, exploit kits such as Redkit, Nuclear Pack, and Blackhole are currently attacking this vulnerability when you visit untrustworthy sites.

One way this vulnerability is being used is to add keyloggers onto susceptible PCs. We would remind you to activate JAG on your RuneScape account as an additional level of account security which should help keep your account safe should your PC become compromised.

Please keep in mind that the exploit is being distributed through untrustworthy sites and to be careful about your browsing habits. We want to ensure that you get to continue to enjoy the rich world that is Gielinor for many years to come.

To discuss this further or get instructions on how to downgrade your version of Java, click here to head over to the Tech Support forum.

Join ZChat - Zybez Friends Chat | AoTM Staff
Posted Image
Global Moderator | Recruiting Leader | Clan Discussion Staff | General Discussion Staff

Posted Image


#2 The duck

The duck

    The Community Duck™

  • Posts:12,660
  • Joined:06-April 08
  • RS Name:Elysian Duck
  • RS Status:Member

Posted 13 January 2013 - 12:49 PM

This sucks.. an program used for e-tests at school is using java..but if I only use it for that and RuneScape there is no real threat right?

View PostRashy, on 03 November 2010 - 09:25 AM, said:

The duck is Justin Bieber in disguise. He's spying on us. Ban now!


Posted Image


Blogs Team Leader & CL of Questions, feel free to PM me with suggestions or ideas


#3 Brogusa

Brogusa

    Friends, let's bring them Hell.

Posted 13 January 2013 - 12:59 PM

Yep, I'm REALLY glad I have OpenJDK instead of Java SE 7.

Once again, UP YOURS ORACLE!!!!!!

#4 ToeJam

ToeJam

    Finger Picking Good

  • Posts:4,281
  • Joined:22-November 08
  • RS Name:ToeJam
  • RS Status:Retired

Posted 13 January 2013 - 01:22 PM

Kind of surprised to not see any mention of this on yahoo or msn news. It's kind of a big deal when a program that runs on so many devises has been compromised.

Posted Image


#5 Robinhoodrs

Robinhoodrs

    Bomb Squad Unit

Posted 13 January 2013 - 01:27 PM

View PostToeJam, on 13 January 2013 - 01:22 PM, said:

Kind of surprised to not see any mention of this on yahoo or msn news. It's kind of a big deal when a program that runs on so many devises has been compromised.

There was mate, the topic I posted in the News Section of Zybez was a source from Yahoo.

Posted Image


| Singles PKing Team | www.dontpanicrs.com | #DontPanic |


#6 ToeJam

ToeJam

    Finger Picking Good

  • Posts:4,281
  • Joined:22-November 08
  • RS Name:ToeJam
  • RS Status:Retired

Posted 13 January 2013 - 01:30 PM

View PostRobinhoodrs, on 13 January 2013 - 01:27 PM, said:

View PostToeJam, on 13 January 2013 - 01:22 PM, said:

Kind of surprised to not see any mention of this on yahoo or msn news. It's kind of a big deal when a program that runs on so many devises has been compromised.

There was mate, the topic I posted in the News Section of Zybez was a source from Yahoo.

US or UK based? Did a search on their site and found nothing :-(

Posted Image


#7 No1

No1

    Disaster Control Ward

  • Posts:15,659
  • Joined:24-December 02
  • RS Name:No1 1000
  • RS Status:Member
  • Clan:Zybeznet

Posted 13 January 2013 - 01:40 PM

Like I said in Robinhood's thread, if this concerns you: Disable/uninstall Java, use the RS Client. It is not vulnerable.
"He attacked everything in life with a mix of extraordinary genius and
naive incompetence, and it was often difficult to tell which was which."

- Douglas Adams (Hitchhiker's Guide to the Galaxy)

#8 Fasty

Fasty

    Merlin PK Leader

  • Posts:7,975
  • Joined:13-September 08
  • RS Name:Fast993
  • RS Status:Oldschool

Posted 13 January 2013 - 01:52 PM

I use the client anyway. :P

BOW DOWN OR FALL DOWN - #JKU

Posted Image

We do allow stolen images, edited or not, to be used in Signatures. If you have any questions feel free to PM me - Mod Fasty


#9 Robinhoodrs

Robinhoodrs

    Bomb Squad Unit

Posted 13 January 2013 - 01:55 PM

View PostToeJam, on 13 January 2013 - 01:30 PM, said:

View PostRobinhoodrs, on 13 January 2013 - 01:27 PM, said:

View PostToeJam, on 13 January 2013 - 01:22 PM, said:

Kind of surprised to not see any mention of this on yahoo or msn news. It's kind of a big deal when a program that runs on so many devises has been compromised.

There was mate, the topic I posted in the News Section of Zybez was a source from Yahoo.

US or UK based? Did a search on their site and found nothing :-(

http://news.yahoo.co...--sector.html  :thumbsup:

Posted Image


| Singles PKing Team | www.dontpanicrs.com | #DontPanic |


#10 ToeJam

ToeJam

    Finger Picking Good

  • Posts:4,281
  • Joined:22-November 08
  • RS Name:ToeJam
  • RS Status:Retired

Posted 13 January 2013 - 02:09 PM

View PostRobinhoodrs, on 13 January 2013 - 01:55 PM, said:

View PostToeJam, on 13 January 2013 - 01:30 PM, said:

View PostRobinhoodrs, on 13 January 2013 - 01:27 PM, said:

View PostToeJam, on 13 January 2013 - 01:22 PM, said:

Kind of surprised to not see any mention of this on yahoo or msn news. It's kind of a big deal when a program that runs on so many devises has been compromised.

There was mate, the topic I posted in the News Section of Zybez was a source from Yahoo.

US or UK based? Did a search on their site and found nothing :-(

http://news.yahoo.co...--sector.html�� :thumbsup:

Broken link chap

the one on your thread did work (us based). Odd that this hasn't become an international warning.

Posted Image


#11 Ban ki roon

Ban ki roon

    7 Time RSC Award Winner *******

  • Posts:8,426
  • Joined:08-August 05
  • RS Status:Retired

Posted 13 January 2013 - 02:18 PM

Don't even know what happened but I don't keep anything sensitive on my computer anyway. All in the cloud!

Secretary-General of the United Nations


#12 Magick

Magick

    outrageous

  • Posts:11,305
  • Joined:28-November 08
  • RS Status:Retired

Posted 13 January 2013 - 02:26 PM

View PostThe duck, on 13 January 2013 - 12:49 PM, said:

This sucks.. an program used for e-tests at school is using java..but if I only use it for that and RuneScape there is no real threat right?
You are probably fine, as long as you do not visit a site that you could get infected from.

Posted Image


#13 netforce

netforce

    ᶘ ᵒᴥᵒᶅ

  • Posts:3,202
  • Joined:01-May 05
  • RS Name:net force
  • RS Status:Retired

Posted 13 January 2013 - 03:19 PM

knock knock
who is there?
...
...
...
...
...
..java
Posted Image
Posted Image

#14 Defender17

Defender17

    Member

  • Posts:2,374
  • Joined:10-September 05
  • RS Name:Gozatuyo
  • RS Status:Retired

Posted 13 January 2013 - 06:32 PM

http://web.nvd.nist....d=CVE-2013-0422

For the longest time I thought OpenJDK was affected as well.  I guess not.

EDIT:
They released u11 which solves the issue.

Edited by Defender17, 13 January 2013 - 09:43 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

Font:
Arial | Calibri | Lucida Console | Verdana
 
Font Size:
9px | 10px | 11px | 12px | 10pt | 12pt
 
Color: