The Wiert Corner – irregular stream of stuff

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests

  • My badges

  • Twitter Updates

  • My Flickr Stream

  • Pages

  • All categories

  • Enter your email address to subscribe to this blog and receive notifications of new posts by email.

    Join 1,706 other followers

in light of the zero-day Java exploits: JRE removal/install tool JavaRa from SingularLabs

Posted by jpluimers on 2013/01/17

Even though the JavaRa tool is Windows-only, it is a tremendous help scraping old vulnerable versions of the Java Runtime Environment (JRE) from your systems and keeping only the fixed versions.

Regular JRE installs from Oracle/Sun will keep the old-and-vulnerable JRE versions.

(note that it seems the recent JRE update did not actually fix the vulnerability, just the exploit, and that a new Java vulnerability might already be exploited. Be sure to keep a watch upcoming Java updates for these).

JavaRa

JavaRa is an effective way to deploy, update and remove the Java Runtime Environment (JRE). Its most significant feature is the JRE Removal tool; which forcibly deletes files, directories and registry keys associated with the JRE. This can assist in repairing or removing Java when other methods fail.

JavaRa 2.1 (released 20130116)

The recently discovered Zero-day Java exploit has increased JavaRa’s popularity significantly, so we’re pushing version 2.1 earlier than expected.

  • Added Java temporary file cleaning tool
  • Added German, Spanish & Hungarian translations
  • Added /UPDATEDEFS and /UNINSTALLALL commandline arguments
  • Program now requests admin rights on start
  • Improved detection of Java version
  • Grab the update from the JavaRa download page.

Less Significant Changes

  • Displays an alert if no JRE installations are found
  • Fixed potential crash when checking Java version
  • Localized the online update check
  • Updated Russian & French translations
  • Improved performance of translator module

–jeroen

via:

One Response to “in light of the zero-day Java exploits: JRE removal/install tool JavaRa from SingularLabs”

  1. IL said

    I’ve thought JavaRa was long time retired since v1.6 in 2010. Thanks for remind it is being updated.
    I’ve used group poilicy backup to block Java in browser http://www.grouppolicy.biz/2013/01/how-to-disable-java-in-ie-using-group-policy/ with Disable_JAVA_Toolkit_v1.zip https://twitter.com/stealthpuppy/status/290402966740017152

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

 
%d bloggers like this: