Today, our Enterprise Architect mentioned that a vulnerability was discovered in JRE 1.7. I found the article JRE 1.7 vulnerability recommending disabling Java .
I am working on JDK 1.5 and 1.6 at work (like many organizations, we are not using the latest technologies), so there are no problems.
At home, I am developing Java SE 7u6. I play with Grails, Spring Security, trying to keep learning.
I have already disabled the Java Plug-in in all my browsers on my home machine. However, does anyone know that my home computer machine is still vulnerable because JDK 7 is installed? I found this article in US-CERT announcing a vulnerability: Oracle Java JRE 1.7 Expression.execute () cannot restrict access to privileged code .
It seems that until the browser can launch the applets, I should be fine (it should not disable the Java Plug-in). However, what about Java Web Start / JNLP? Could this cause? This is the only thing I could think of besides applets that can be troubling.
Just wondering if I need to make an effort to uninstall my Java SE 7 and return to JDK6.
What did others do after learning about this security issue with JRE 1.7?