Bad Java

The Department of Homeland Security wants you to disable Java.

Image

Update: it took Oracle three days, but they’ve just released Java 7 update 11, which mitigates these reported vulnerabilities. If you’re running Java 7, please download and install it ASAP.

If you haven’t heard about the current Java security problem, you should: it’s estimated that at least 86 known vulnerabilities are affecting hundreds of millions of users currently. Even the U.S. Department of Homeland Security has recommended that computer users disable Java completely until the problems have been mitigated.

If you’re using Windows and your installed Java version is 7, you’re vulnerable. You can check your active version at Java’s site via this link.

As there is currently no true fix for Java (Oracle promises that they’re working on one now, although they’ve known about a bug that lead to this vulnerability for months and have refused to fix it, until now), the only real way to mitigate this vulnerability is to disable Java support for your browser. If you choose this route, you can go back and enable it once the vulnerability has been fixed.

In the meanwhile, it’s probably not a bad idea to:

When installing Java or any of its updates, please ensure that you disable the Ask.com toolbar and default search provider during installation, unless you like bloatware that borders on malware.

Image

Make sure to un-tick the Ask Toolbar opt-in during Java installations and upgrades.

For more details, please see:

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s