The Department of Homeland Security wants you to disable Java.
Update: it took Oracle three days, but they’ve just released Java 7 update 11, which mitigates these reported vulnerabilities. If you’re running Java 7, please download and install it ASAP.
If you haven’t heard about the current Java security problem, you should: it’s estimated that at least 86 known vulnerabilities are affecting hundreds of millions of users currently. Even the U.S. Department of Homeland Security has recommended that computer users disable Java completely until the problems have been mitigated.
If you’re using Windows and your installed Java version is 7, you’re vulnerable. You can check your active version at Java’s site via this link.
As there is currently no true fix for Java (Oracle promises that they’re working on one now, although they’ve known about a bug that lead to this vulnerability for months and have refused to fix it, until now), the only real way to mitigate this vulnerability is to disable Java support for your browser. If you choose this route, you can go back and enable it once the vulnerability has been fixed.
In the meanwhile, it’s probably not a bad idea to:
- Update your version of Java (currently v7update10).
- Use a web browser other than Internet Explorer. There’s really no good excuse for using IE anymore: Chrome and Firefox are excellent alternatives.
When installing Java or any of its updates, please ensure that you disable the Ask.com toolbar and default search provider during installation, unless you like bloatware that borders on malware.
For more details, please see: