This article mentions:
http://nakedsecurity.sophos.com/2012/08/28/unpatched-java-exploit-spreads-like-wildfire/
"Need to access intranet pages that require Java in your browser? Use your client firewall to disallow access to non-intranet resources for javaw.exe (on Windows)."
We are investigating using a similar tactic in our organization to block java wherever we can. It seems java exploits are plentiful and take a while to be patched. I'm guessing I would block JAVAW from talking to anything but the intranet and certain websites.
What do you do in your organizations? What do your rules look like? I'm not sure I have my mind around what is even possible, so any little bit helps.
thanks in advance
Mike
This thread was automatically locked due to age.