Where did you install Firefox from? Help Mozilla uncover 3rd party websites that offer problematic Firefox installation by taking part in our campaign. There will be swag, and you'll be featured in our blog if you manage to report at least 10 valid reports!

Avatar for Username

搜索 | 用户支持

防范以用户支持为名的诈骗。我们绝对不会要求您拨打电话或发送短信,及提供任何个人信息。请使用“举报滥用”选项报告涉及违规的行为。

Learn More

话题已存档。 如果需要帮助请提出新问题。

Plugin Status Check reports latest Java x64 as vulnerable

  • 2 个回答
  • 5 人有此问题
  • 1 次查看
  • 最后回复者为 ADTC

ADTC
ADTC
more options

Last night I updated all plugins to show the green "Up to date" buttons in the Plugin Status Check website. However, this morning, it reports that the Java plugin is vulnerable (note: not 'out of date'). Is there a new revealed vulnerability in Java publicized in the last few hours?

There is no new version of Java as of now, as the latest is Java 8 Update 45, released on April 14, 2015. Although it may be of importance to note that I first installed 32-bit version of Java to get the green "Up to date" status, but later also installed the 64-bit version of Java (as I need it instead for my 64-bit Eclipse). Could this have caused the vulnerability flag to trigger? Is there a vulnerability in 64-bit Java that is not present in the 32-bit installation?

I saw a few similar questions on Flash plugin, but I already disabled Flash completely. This is concerning Java.

I am running 32-bit Firefox for Windows. I am on Windows 7.

Last night I updated all plugins to show the green "Up to date" buttons in the Plugin Status Check website. However, this morning, it reports that the Java plugin is vulnerable (note: not 'out of date'). '''Is there a new revealed vulnerability in Java publicized in the last few hours?''' There is no new version of Java as of now, as the latest is Java 8 Update 45, released on April 14, 2015. Although it may be of importance to note that I first installed 32-bit version of Java to get the green "Up to date" status, but later also installed the 64-bit version of Java (as I need it instead for my 64-bit Eclipse). Could this have caused the vulnerability flag to trigger? Is there a vulnerability in 64-bit Java that is not present in the 32-bit installation? I saw a few similar questions on Flash plugin, but I already disabled Flash completely. This is concerning Java. I am running 32-bit Firefox for Windows. I am on Windows 7.
已附加屏幕截图

由ADTC于修改

被采纳的解决方案

A 32 bit Firefox version will only look at 32 bit Java version.

Note that Java is affected as well.

定位到答案原位置 👍 0

所有回复 (2)

cor-el
cor-el
  • Moderator
  • Top 10 Contributor
more options

选择的解决方案

A 32 bit Firefox version will only look at 32 bit Java version.

Note that Java is affected as well.

ADTC
ADTC 提问者
more options

Understood about 32-bit. It is as expected, so I suppose my 64-bit Java installation should not have done anything.

I gather that those articles are posted two days ago, so it should be as recent as it can get. And Oracle is still working on a fix, and that's why there's no new version of Java to update from the vulnerable latest version.

I think I will take the advice and disable Java completely. :)

I think the Plugin Check site has to be enhanced to notify its users that vulnerable plugins may not necessary be out of date. They could be up to date but open to a recently discovered vulnerability. And that it's recommended to keep them disabled until the vulnerability is fixed in a future release.

由ADTC于修改