[UPDATE – On Thursday afternoon, 8/30/2012, Oracle threw aside it’s normal update schedule and released a special upgrade fix to the Java 7 engine. If you visit www.Java.com, you’ll see a download link for Version 7 Update 7 which is suppose to fix the security problem][ CLICK HERE to read a ZDNet Story about the Update]
[ANOTHER UPDATE – Monday, September 3rd – CNet reports that yet MORE security flaws have been found in the Java 7 update that was released late last week. CLICK HERE to read the article on CNet. So, most security experts are saying… unless you need it for something, just completely uninstall Java!]
Now on to the original article…. which is STILL worth reading…
This past week, news reached the masses that Java, a programming technology used on the Web, has a security vulnerability (called a “zero-day” vulnerability) that allows attackers to exploit the computers of site visitors.
Java, which was developed by Sun Microsystems back in 1995, allows programmers to create software that among other things, makes web sites more interactive. For the software to work, your computer must have the Java engine installed. Then, when you visit a site using Java code, that code is quickly downloaded to your computer and run by the Java engine.
Java, along with Adobe Flash, Adobe Shockwave, and Apple QuickTime is one of the most common add-ons found on people’s computers. Although the engine runs in Windows, it also integrates itself with your browser (Internet Explorer, Chrome, Firefox, etc.) to make web pages work.
So here’s the problem…
The recently found Java security problem is posing a big enough threat, that most online security experts are advising computer users to temporarily disable Java in each of your browsers, or even just completely uninstall it from your computer.
Oracle, which now owns Java, is not expected to release a patch for the problem until later this year (which is really frustrating a lot of security experts).
So what should YOU do?
Here are my suggestions:
(1) If you visit sites that DO use Java for interaction, and you are a user of Google Chrome or Mozilla Firefox browsers, disabling Java is not hard to do, and once disabled in those browsers, you’ll be safe from any Java exploits as you browse.
To learn how to disable Java, you can use these links…
(2) If you are a user of Internet Explorer for your browser, things are a lot different. It’s actually pretty hard to disable Java in Internet Explorer. I know how to do it, and I toyed with the idea of putting together a video to show you how, but to be honest, even with video instructions you might have some problems getting Java disabled.
So my suggestion for those using Internet Explorer is… just completely uninstall it from your computer, using Add/Remove Programs (in Windows XP) or Programs and Features (in Windows 7). Both are found in the Windows Control Panel.
NOTE: Only Java version 7 (versus the older version 6) is affected by the security flaw. So if you find that you are still using the older version, you MIGHT be OK in just leaving things alone. But in all honesty, since Java is not used as often as it use to be, I still think just uninstalling it completely might be the best bet for most folks.
(3) If you DON’T visit sites that commonly use Java, I would just uninstall it completely. For quite some time, now, a lot of Internet Security companies have said that if you don’t need Java, why leave it on your computer? And I agree with that.
I uninstalled my Java engine a few days ago, and haven’t noticed the loss of anything important. I figure that I can always reinstall it if I run across something important that needs it.
Again, to uninstall Java, just open your Windows Control Panel, and in Windows XP go to Add/Remove Programs, and in Windows 7 go to Programs and Features.
As always, I’d love to hear your experiences or comments. You can leave them below…