Why is the Java 8.0.25 plugin after 7.0.67 vulnerable too?
There is very common in the section of the plugins, in the AddOn menu, the message that the java plugin is vulnerable an it is to be used with caution. Now in 8.0.25 again. What does it means? Is there or will be there a solution for that? Is NoScript in this case useful, or another security option?
Thanks!
被選擇的解決方法
It seems that Oracle refuses to fix the vulnerabilities in Java Deployment Toolkit plugin, thus every new version that Oracle releases is marked as vulnerable.
http://www.java.com/en/download/help/firefox_java.xml
https://www.java.com/en/download/faq/deployment_toolkit.xml For the average internet user the Deployment Toolkit isn't needed. Typically it is used by "in house" applications on company intranets that use Oracle software (which tend to use very old versions of Java) and by developers of Java applications.
從原來的回覆中察看解決方案 👍 2所有回覆 (6)
Which Java Plugin are you referring to?
The Java Deployment Toolkit? Or the Java Platform'?
The Java Deployment Toolkit is meant :) It's what Firefox is saying in the plugin section in Addons
由 hittman 於 修改
I answered beneath :)
選擇的解決方法
It seems that Oracle refuses to fix the vulnerabilities in Java Deployment Toolkit plugin, thus every new version that Oracle releases is marked as vulnerable.
http://www.java.com/en/download/help/firefox_java.xml
https://www.java.com/en/download/faq/deployment_toolkit.xml For the average internet user the Deployment Toolkit isn't needed. Typically it is used by "in house" applications on company intranets that use Oracle software (which tend to use very old versions of Java) and by developers of Java applications.
Thanks, so in this case, while I'm not using it - will it be ok to disable it or to change to "Never activate" ? Thanks!
Yes - disabling it is ok.