/>
X

Mozilla touts 'Click to Play' in defense against Java vulnerability

Mozilla has chimed in with its own tips and resources amidst the brewing Java vulnerability scare.
rachel-king-640x465.jpg
Written by Rachel King on
zdnet-mozilla-ctp-in-action1-600x478

As worries about the Java 7 Update 10 vulnerabilities continue to escalate, Mozilla has addressed the issue in reference to how this concerns Firefox.

Michael Coates, director of Security Assurance at Mozilla, wrote in a blog post on Friday afternoon that Firefox users could be vulnerable if they have the current version of the Java plugin installed on their browsers.

More about Java on ZDNet:

In case you're not aware, another zero day vulnerability related to Java was discovered to be actively being exploited in the wild, according to a number of security researchers and reports on Friday.

This particular Java 7 weakness is said to be so detrimental that the U.S. Department of Homeland Security has warned users to disable or uninstall Java software on their computers altogether.

At this point in time, Oracle (the owner of Java) hasn't released a security update or patch to remedy the issues.

Coates explained that in fairly clear terms what could happen here:

An attacker could exploit this vulnerability to execute malicious software on a victim’s machine. This vulnerability is being actively used in attacks and the malicious exploit code is also available in common exploit kits.

For Firefox users, Coates touted the "Click to Play" security feature, which is basically used to halt loading plugins before they're clicked -- or block them altogether.

In reference to Java, this means the plugin won't load until the user clicks on the permission pop-up to do so. Thus, until a patch is rolled out, don't give permission.

Coates added that Firefox users with older versions of Java should be already protected by existing plugin blocking or Click To Play defenses.

Screenshot via Mozilla Security Blog

Related

Why you should really stop charging your phone overnight
iphone-charging.jpg

Why you should really stop charging your phone overnight

iPhone
I loved driving the Hyundai Ioniq 5 and Kia EV6, and there's only one reason I can't buy one
img-1724

I loved driving the Hyundai Ioniq 5 and Kia EV6, and there's only one reason I can't buy one

Electric Vehicles
Samsung phone deal: Get the Galaxy S22 Ultra for $299
1296x729-29

Samsung phone deal: Get the Galaxy S22 Ultra for $299

Smartphones