MELIBS-L Archives

Maine Libraries Discussion List


Options: Use Forum View

Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Nelson Eubanks <[log in to unmask]>
Reply To:
Nelson Eubanks <[log in to unmask]>
Thu, 17 Jan 2013 12:04:08 -0500
text/plain (36 lines)
Due to multiple requests for information regarding safety of the Millennium
ILS software please see my comments below.

The recent zero day exploit affecting java version 1.7 that is getting so
much attention does not affect the Millennium software.  This is because
the software runs a separate, older version of java, 1.6 , that is not
affected by the vulnerability.

The 1.7 exploit affects java that runs in your browser, usually via plugins
or applets as this is the gateway for the attack. This vulnerability in 1.7
is a serious issue that needs to be handled by your local IT support
services relative to decisions on patching and/or disabling browser java
plugins all together.  Please be advised that disabling browser java plugin
will affect your ability to access the Millennium manual pages as well as
running certain web statistics. Therefore if you need these functions you
will need to enable/disable web java as necessary.

Despite the recent hype zero day exploits have been around for many years
as they have always been, and will always be, the preferred method of
Internet attacks. Java has been increasingly targeted in zero day exploits
over the last several years but so are many other applications and OS
builds (e.g. Windows). Just keep this in mind as again this is a serious
issue but the hysteria is a bit overblown.

Please contact me directly with any questions. You may also wish to view
Innovative's response to similar quesations at the front page of .

Nelson Eubanks
Library Systems Manager
Maine Info Net
207 581 3093
207 581 3095(fax)