It’s time to cut back on Java

Technology surrounding the Internet is constantly evolving. Many programs that helped allow the Internet expand and become what it is today are still in use. They stay relevant by issuing updates that often bring more functionality while meeting the evolving needs of Web developers and users. One program, however, has had a number of security issues in the past year that have prompted experts and government departments to recommend that users disable it.

That program is Java – a programming language and application that allows developers to create web applications, and users to view much of the visual content and animations on the Internet. The problem isn’t with the programming language per se, but with the application developed by Oracle Systems.

Oracle released an update to Java – Java 7, Update 10 – in December, but it was found to have some serious security flaws. These issues were quickly spotted by hacker groups who released exploit kits – software making it easy to exploit Java 7’s security weaknesses – giving them full security privileges. This exposed any computer running Java 7 to potential malware and attack. Because Java runs at the browser level, every OS could be targeted. To make matters worse, 30 security flaws were patched back in September, after nearly 1 billion computers were found to be at risk.

It’s this string of security red flags that had the US Department of Homeland Security issue a warning that users should disable Java on their browsers. In response to this, Oracle updated Java again,  to Java 7, Update 11 on January 12, and noted that the security flaw had been fixed. Many experts, including those at the Department of Homeland Security, aren’t convinced though, and are still suggesting that users disable Java because new vulnerabilities will likely be discovered.

How do I disable Java?
Chrome users

  1. Open Chrome and enter Chrome://plugins/ in a blank tab’s URL bar.
  2. Find Java (TM).
  3. Click Disable.
  4. Restart Chrome.

Firefox users

  1. Open Firefox and click Tools from the menu bar at the top of the screen.
  2. Select Add-ons followed by Plugins.
  3. Find the Java plug-in, it’s usually called Java Applet Plug-in (Mac) or Java(TM) (Windows) and click Disable.
  4. Close and restart Firefox.

Safari users

  1. Open Safari and click File followed by Preferences.
  2. Click the Security tab.
  3. Uncheck the box that says Enable Java.
  4. Close and restart Safari.

Internet Explorer users
There is no way for you to disable Java in the browser, you will instead have to completely disable Java from your computer. This can be done by following the steps on the Java website.

If you do disable Java, some websites will no longer work. This can be a bit of an annoyance, but in all honesty, security of your systems is more important, not to mention the potential costs of dealing with a massive malware infection. Besides that, many websites no longer use Java, so you can probably get by without it. At the very least, we recommend you go download the latest update from the Java website and apply it to all computers.

One issue that we need to be clear on is that these security flaws are part of the Java plug-in. You may see something called JavaScript. While the name sounds similar, they are different. JavaScript is largely used in HTML documents, and allows them to function, and is secure. If you do run across it, it’s best to leave the script alone.

Before you do update, or disable Java, we recommend you contact us. We can help advise you on what steps to take next if you use Java.

This entry was posted in General Articles C, Security - News and General and tagged , , , , , , . Bookmark the permalink. Both comments and trackbacks are currently closed.
  • Internet Presence Management for Small Business Owners

    pronto logoFull-service, pay-as-you-go all inclusive websites, from design and content to SEO and social media management for one low monthly price.

    Learn more about our small business online marketing services.