So for this to actually be a risk, you have to have version 7 of Java installed and hit a website that has malicious code in it that will trigger java (not javascript), created by someone that has already started abusing this exploit discovered by a security firm on Friday?
Is this firm handing out the code to hackers or something?
Oh, nevermind, I read the metaslpoit post. I love how when this stuff hits the news, the exploit immediately becomes widely available, with screenshots and instructions on how to use it.
There appears to be multiple ad networks redirecting to Blackhole sites, amplifying the mass exploitation problem. We have seen ads from legitimate sites, especially in the UK, Brazil, and Russia, redirecting to domains hosting the current Blackhole implementation delivering the Java 0day. These sites include weather sites, news sites, and of course, adult sites.
My dlink web cam uses java
My dlink web cam uses java and neither of the app under windows/osx work at the moment. My only access right now is through android app on my GNexus.
Scottrade requires JAVA for steaming quotes so its enabled for IE. All other sites are browsed with FF.
To be safe, its uninstalled for now until the update is available on Tuesday. I oversee several dollars and need access to Java so I can manipulate governments and people to serve my Machiavellian interests.
()
I have an add-on for Firefox called Quickjava and it allows me to disable Java when I'm not using it. I never keep it on unless I need it and that need is only for pingtest.net. I also use Noscript which not only will block Javascript, but Java unless I approve of it.