SillyDog701

[Gregor]

I received this message from Panda :

Quote:
- Important update for Windows - Oxygen3 24h-365d, by Panda Software ( http://www.pandasoftware.com )

Madrid, April 10 2003 - Microsoft has released a patch to fix a serious vulnerability in Virtual Machine, the module that supports Java programs in Windows 95, 98, 98SE, Millennium, NT 4.0, 2000 and XP.
The problem stems from a flaw in "ByteCode Verifier", the VM process for validating Java code to make sure it meets certain security criteria and does not contain dangerous code sections.

The vulnerability could allow an attacker to construct a Java applet with malicious instructions, which could be executed with the same privileges as the user of the machine under attack. The malicious Java applet could be in a web page, executed whenever the web page is visited, or send directly to the victim's inbox in an e-mail.
All versions of Virtual Machine up to and including 3809 are affected by the vulnerability. To check which version is installed on a computer, follow the instructions provided by Microsoft in the FAQ section of their security bulletin*. If the version is vulnerable to this flaw, the version 3810 which is not affected, should be installed.

(*)More details on the vulnerability and the patch are also available from Microsoft's security bulletin at:
http://www.microsoft.com/technet/securi ... 03-011.asp
End of quote.

Note : I am getting a little bit tired of all this patches and fixes . Im seriously thinking to change OS

Gregor

UserAgent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.0.2) Gecko/20030208 Netscape/7.02 (DJGM-i.net)

[Antony]

Note : I am getting a little bit tired of all this patches and fixes . Im seriously thinking to change OS

Gregor

I don't usually install all patches or updates, particularly from Microsoft.
My recommendation: MacOSX

UserAgent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.0.2) Gecko/20030208 Netscape/7.02 (CK-SillyDog)

[Mandrake]

Just delete the tainted MS Java VM and install the real java VM from Sun!

UserAgent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.4b) Gecko/20030407

[Antony]

Just delete the tainted MS Java VM and install the real java VM from Sun!

I won't recommend that. MS Java VM is faster under Windows.

UserAgent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.0.2) Gecko/20030208 Netscape/7.02 (CK-SillyDog)

[Gregor]

Antony wrote: I don't usually install all patches or updates, particularly from Microsoft.

Antony, neither do I. I posted this message manly for users, who use MS java, bundeled into other MS products. It does not affect me at all. As you know by now I do not have IE (and its Java) on my computer.

Gregor

UserAgent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.0.2) Gecko/20030208 Netscape/7.02 (DJGM-i.net)

[Mandrake]

Microsoft's Java is full of security holes, like IE. Besides - if one uses a browser other than IE, then they would need Sun Microsystem's Java. The Sun JVM sits atop of IE perfectly also.

UserAgent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.4b) Gecko/20030407