Java Security Alert – Update


Despite a software pitch for Java software released on Monday, January 14 by Oracle, the Department of Homeland Security warned millions of computer users about a threat “in the wild.” Oracle Released a Java Security Fix yesterday, January 15, 2013; But Homeland Security was still not pleased.

Security experts are warning users to disable Java on their computers to avoid being compromised by hackers. As a result, the department’s Computer Emergency Readiness Team advised PC users to “consider disabling Java in Web browsers, until adequate updates are available.”

Last week, the department warned of the vulnerability of Java, which is owned by Oracle, especially in the latest version 7 of the software. Oracle said it had released a new version, Update 11, to fix the problems. Meanwhile, Microsoft, said it had released a security advisory for its Internet Explorer browser versions 6, 7 and 8, which “could allow an attacker to execute arbitrary code if a user accesses a specially crafted website.”

The flaws are important because of the increasing use of websites for banking, financial orders and retail shopping, where credit card and bank account numbers are entered online. Hackers can buy packs that identify flaws, and then hack into websites or entire retail networks to intercept those numbers.

The Cyber Security task force also said that hackers can access ad networks that take consumers to these same sites or that post malware onto their devices. Oracle said its latest patches address the latest flaws and set the security level on Java to “high” in a bid to alert users that malware could be downloaded onto their machines.

My Java Advice

When you visit a website and Java wants to run you will normally be presented with a pop-up message asking for permission to run. If you are not 100% comfortable with the website you are visiting do not provide approval for Java to run.

How Do You Disable Java in Internet Explorer?

1. If you use Internet Explorer version 7 or above, open Internet Explorer and select Tools | Manage Add-ons then skip to Step 3. If you use an older version of Internet Explorer, open Internet Explorer and select Tools | Internet Options and continue to Step 2.

2. From the Internet Options window, click the Programs tab and select Manage Add-ons.

3. From the Add-ons windows, click once to select (highlight) Java Plug-in then click the Disable button. Click Close and OK to accept the change.

4. Alternatively, you can also click Tools | Internet Options | Advanced. If Java is installed in your browser, you will see a listing for Sun Java in the Internet Options menu. Just uncheck it to disable.

5. When you encounter a site that requires Java (for example, some small online games and calculators), you can re-enable Java easily by following the same steps above, this time selecting the enable option.