This story is odd. Perhaps it is pure click-bait? Why would an attack that depen... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

dboreham on July 13, 2015 | parent | context | favorite | on: First Java Zero-Day Attack in Two Years Targets NA...

This story is odd. Perhaps it is pure click-bait? Why would an attack that depends on a vulnerability Microsoft fixed three years ago be successful or even attempted today?? And...if someone were running a machine without this MS patch, and presumably also without a browser that makes you perform handstands while singing "There's no business like show business" before it will run Java, then wouldn't they also be vulnerable to hundreds of other issues fixed in the past few years??

crisnoble on July 13, 2015 [–]

> then wouldn't they also be vulnerable to hundreds of other issues fixed in the past few years?

That is a scary thought. I guess this is what happens when you cling to using XP and IE8 after Microsoft has ended support.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact