Is Java in your web browser exploitable?
Vulnerabilities in the Oracle Java Runtime Environment (JRE)
are being exploited just by viewing malicious web pages.
Oracle strongly recommends that the Java updates released
on Thursday August 30, 2012 be applied.
http://www.oracle.com/technetwork/topics/security/alert-cve-2012-4681-1835715.html
CERT recommends updating Java and considering other workarounds
including disabling the Java plug-in in your web browser.
http://www.kb.cert.org/vuls/id/636312
A web page powered by Rapid7 will check to see if
your web browser has a Java plug-in enabled and whether
the version of Java is exploitable –
http://www.isjavaexploitable.com/
http://java.com/en/download/installed.jsp
can be used to detect the version of java installed.
http://www.oracle.com/technetwork/java/javase/downloads/
is a Java SE downloads page.
Please direct any questions or comments to the
IRIS help desk (help@eecs, 395 Cory M-F 9:30am-5pm, 642-7777).