in light of the zero-day Java exploits: JRE removal/install tool JavaRa from SingularLabs
Posted by jpluimers on 2013/01/17
Even though the JavaRa tool is Windows-only, it is a tremendous help scraping old vulnerable versions of the Java Runtime Environment (JRE) from your systems and keeping only the fixed versions.
Regular JRE installs from Oracle/Sun will keep the old-and-vulnerable JRE versions.
(note that it seems the recent JRE update did not actually fix the vulnerability, just the exploit, and that a new Java vulnerability might already be exploited. Be sure to keep a watch upcoming Java updates for these).
JavaRa is an effective way to deploy, update and remove the Java Runtime Environment (JRE). Its most significant feature is the JRE Removal tool; which forcibly deletes files, directories and registry keys associated with the JRE. This can assist in repairing or removing Java when other methods fail.
The recently discovered Zero-day Java exploit has increased JavaRa’s popularity significantly, so we’re pushing version 2.1 earlier than expected.
- Added Java temporary file cleaning tool
- Added German, Spanish & Hungarian translations
- Added /UPDATEDEFS and /UNINSTALLALL commandline arguments
- Program now requests admin rights on start
- Improved detection of Java version
- Grab the update from the JavaRa download page.
Less Significant Changes
- Displays an alert if no JRE installations are found
- Fixed potential crash when checking Java version
- Localized the online update check
- Updated Russian & French translations
- Improved performance of translator module