Eclipse Community Forums
Forum Search:

Search      Help    Register    Login    Home
Home » Newcomers » Newcomers » Java 7 Issue(Eclipse IDE with less than ver 7 Java)
Java 7 Issue [message #905478] Thu, 30 August 2012 09:03 Go to next message
Virginia Fletcher is currently offline Virginia Fletcher
Messages: 1
Registered: August 2012
Junior Member
My company has advised us of the vulnerability found in Java 7 below and asked that we remove Java 7 immediately
The vulnerability is present in Java 7.

The vulnerability allows attackers to use a custom web page to force systems to download and run an arbitrary payload for example, a keylogger or some other type of malware.

There are reports of multiple exploits in the wild targeting this vulnerability and this is being viewed as highly critical.

One of our key developers has indicated that Eclipse IDE has a java dependency and took quite a while to set up would be broken if we remove it. To be exact he says it will break Eclipse running R through a java-dependent plugin, StatET. Can someone comment on whether or not this is true and if so is there a workaround because we will be removing Java from the machine.



Re: Java 7 Issue [message #905493 is a reply to message #905478] Thu, 30 August 2012 09:35 Go to previous messageGo to next message
David Wegener is currently offline David Wegener
Messages: 1336
Registered: July 2009
Senior Member
Eclipse definitely requires Java. Eclipse is a Java application and has to run in a Java VM.

The exploit you are referring to involves the Java plugin in a web browser. You can protect against the problem by disabling the Java plugin in your Web Browsers. You don't have to remove the Java Development Kits from your machines.
Re: Java 7 Issue [message #905555 is a reply to message #905478] Thu, 30 August 2012 12:07 Go to previous message
Dani Megert is currently offline Dani Megert
Messages: 3801
Registered: July 2009
Senior Member
On 30.08.2012 15:03, Virginia Fletcher wrote:
> My company has advised us of the vulnerability found in Java 7 below
> and asked that we remove Java 7 immediately
> The vulnerability is present in Java 7.
>
> The vulnerability allows attackers to use a custom web page to force
> systems to download and run an arbitrary payload for example, a
> keylogger or some other type of malware.
>
> There are reports of multiple exploits in the wild targeting this
> vulnerability and this is being viewed as highly critical.
>
> One of our key developers has indicated that Eclipse IDE has a java
> dependency and took quite a while to set up would be broken if we
> remove it. To be exact he says it will break Eclipse running R
> through a java-dependent plugin, StatET. Can someone comment on
> whether or not this is true and if so is there a workaround because we
> will be removing Java from the machine.
>
Since you do not explicitly link to the concrete problem I don't know
whether it's also in JRE 6. If not, just downgrade to JRE 6. Even if you
downgrade, you can still launch and use JRE 7 independently of what you
install as default on your system.

Dani
Previous Topic:Eclipse IDE Icon size
Next Topic:CDT + JDT?
Goto Forum:
  


Current Time: Fri Aug 22 00:01:00 EDT 2014

Powered by FUDForum. Page generated in 0.02122 seconds