Cette faille, ou plutôt ces deux failles étaient vraiment dangereuses...
A vulnerability was reported in Java. A remote user can cause arbitrary code to be executed on the target user's system. A remote user can create specially crafted content that, when loaded by the target user, will execute arbitrary code on the target user's system. The code will run with the privileges of the target user.
Tellement que même en France on en parlait..... ;-)
To disable Java in Google Chrome: Go to the wrench in the upper right corner of the browser window Click on settings and search for Java in the search box Click on the highlighted Content Settings button and then scroll down to the Plug-ins entry Select Disable Individual Plugins and then click on Disable Java
To disable Java in Mozilla Firefox: Click on the Firefox tab in the top left corner and then click Add-ons Select Plug-ins and then click Disable on Java
Disabling Java in Internet Explorer is a little more complex, for some reason. Brian Krebs has a description of a couple of different methods for removing Java from IE.
Les plus beaux commentaires étaient alors fait sur l'exploitation de ces failles......
"The beauty of this bug class is that it provides 100% reliability and is multiplatform. Hence this will shortly become the penetration test Swiss knife for the next couple of years.