Why is the Java 8.0.25 plugin after 7.0.67 vulnerable too?
There is very common in the section of the plugins, in the AddOn menu, the message that the java plugin is vulnerable an it is to be used with caution. Now in 8.0.25 again. What does it means? Is there or will be there a solution for that? Is NoScript in this case useful, or another security option?
Thanks!
Chosen solution
It seems that Oracle refuses to fix the vulnerabilities in Java Deployment Toolkit plugin, thus every new version that Oracle releases is marked as vulnerable.
http://www.java.com/en/download/help/firefox_java.xml
https://www.java.com/en/download/faq/deployment_toolkit.xml For the average internet user the Deployment Toolkit isn't needed. Typically it is used by "in house" applications on company intranets that use Oracle software (which tend to use very old versions of Java) and by developers of Java applications.
Read this answer in context 👍 2All Replies (6)
Which Java Plugin are you referring to?
The Java Deployment Toolkit? Or the Java Platform'?
The Java Deployment Toolkit is meant :) It's what Firefox is saying in the plugin section in Addons
Modified
I answered beneath :)
Chosen Solution
It seems that Oracle refuses to fix the vulnerabilities in Java Deployment Toolkit plugin, thus every new version that Oracle releases is marked as vulnerable.
http://www.java.com/en/download/help/firefox_java.xml
https://www.java.com/en/download/faq/deployment_toolkit.xml For the average internet user the Deployment Toolkit isn't needed. Typically it is used by "in house" applications on company intranets that use Oracle software (which tend to use very old versions of Java) and by developers of Java applications.
Thanks, so in this case, while I'm not using it - will it be ok to disable it or to change to "Never activate" ? Thanks!
Yes - disabling it is ok.