Skip to comments.US government tells computer users to disable Java
Posted on 01/11/2013 6:44:04 PM PST by LouAvulEdited on 01/11/2013 7:18:00 PM PST by Admin Moderator. [history]
WASHINGTON (AP) The U.S. Department of Homeland Security is advising people to temporarily disable the Java software on their computers to avoid potential hacking attacks.
The recommendation came in an advisory issued late Thursday, following up on concerns raised by computer security experts.
Experts believe hackers have found a flaw in Java's coding that creates an opening for criminal activity and other high-tech mischief.
Excerpt, read more at Windstream
...A new Trojan horse called Mal/JavaJar-B has been found that exploits a vulnerability in Oracle’s Java 7 and affects even the latest version of the runtime (7u10).
The exploit has been described by Sophos as a zero-day attack since it has been found being actively used in malware before developers have had a chance to investigate and patch it. The exploit is currently under review at the National Vulnerability Database and has been given an ID number CVE-2013-0422, where it is still described as relatively unknown...
...uckily with the latest versions of Java, users who need to keep it active can change a couple of settings to help secure their systems. Go to the Java Control Panel that is installed along with the runtime, and in the Security section uncheck the option to “Enable Java content in the browser,” which will disable the browser plug-in. This will prevent the inadvertent execution of exploits that may be stumbled upon when browsing the Web, and is a recommended setting for most people to do. If you need to see a Java applet on the Web, then you can always temporarily re-enable the plug-in.
The second setting is to increase the security level of the Java runtime, which can also be done in the same Security section of the Java Control Panel. The default security level is Medium, but you can increase this to High or Very High. At the High level, Java will prompt you for approval before running any unsigned Java code, and at the Very High level all Java code will require such approval, regardless of whether or not it is signed.
Since this threat is Java-based, it will only affect systems that have Java installed. Most platforms do not come with Java, but if you have installed it and do not need or regularly use it, you might consider removing it from your system...
There was a different article about a Java threat posted here earlier.
This new article should stay, but Freepers may also want to consult the other one:
I disabled it and had to re-enable it or a program I need won’t load. Oh well.
"Mein Fuhrer, das Russkies sind auf das outskirts ov Berlin!"
Yeah disable Java...wouldn’t we all love to do that in a perfect world. Good luck doing that in an enterprise that uses ADP products, Kronos etc...
I’m sure the U.S. govt. has no applications that use java. They are smarter than that.
Uhhhh this alert is real and not fluff. Google it.
Tick, tick, tick...waiting for my 90 year old mother who reads all the junk advice emails to ask if she needs to disable something called java on her computer.
is it 3 o’clock in the morning?
is it 3 o’clock in the morning?
No one’s home at The White Hut/Crib.
“Leave a message and we’ll get back to you, sometime...”
The government wants me to turn off my own paid-for software!
The government wants me to eat what i cannot!
The government wants me to jump their hoops!
Typical AP. So up Obama’s ass that they are to busy to tell people how to disable it!