“Sun’s JRE has a security flaw, so turn off Javascript” says the security expert
I’ve listened to “Security Now”, TWiT’s “security” oriented podcast, which is hosted by Steve Gibson who is apparently a big internet security guru – so says the website. If the title doesn’t make it very clear why I quoted “security” above, then here is the scoop from Security Now episode 222 (starting at 14:50):
The latest Java Runtime Edition, in the latest version, has multiple vulnerabilities and no updates available. It acknowledged multiple problems. There is enough disclosed for exploits to be created on the net. Unfortunately, the only workaround is the workaround we all know to well – which is to disable Javascript to prevent the Java Runtime Edition components from being exploited until Sun updates themselves.