As much as I’ve held off writing this, I’ve come to the point where I just can’t help myself anymore. So here goes!
As reported by lots of different news sources, and even Homeland Security, hackers found series flaws in Java 7, including the latest fix that Oracle (the maker of Java) had released. The flaw lets bad-guys using two popular hacker tool kits (Blackhole and Nuclear Pack) to setup malicious web sites that when visited, can drop code on your computer letting the hackers take over.
So where we are again, talking about Java and trying to help folks know what to do with it.
My mind hasn’t changed since I last wrote about in an article called Java Security Problems Uncovered. There, I told you about the original security issues and gave you all the choices of what you could do. (You might want to read that article again, since nothing has really changed! CLICK HERE to go to it).
My advice to most of the students that ask, “what should I do”, is to just uninstall Java completely.
If you do happen to run across a program or web site that needs it, and you just HAVE to use that program or web site, you can always, easily, re-install it again. In fact, most programs will not only tell you it’s needed, but then link you over to Oracle where you can pick it up.
And if you’re wondering what programs need Java, the two that I know of and you may have heard of are…
I did a Google search for more examples of programs that use Java, but guess what? I couldn’t find any! What does that tell you?
As for web sites that use it, they are also becoming less frequent. I personally haven’t visited one site that needs Java in the past 6 months. And if I do find one, it will have to be a pretty darn good site for me to re-install Java so that I can visit it.
So again, my advice is to just get rid of the darn thing if you don’t need it (CLICK HERE to visit my last article on how to do that).
In case you are interested, here are some more articles you can read to learn even more about the Java problem:
- How Big a Security Risk is Java? (from last summer, but has lots of good background information).
- Homeland Security warns to disable Java amid zero-day flaw (from ZDNet)
- Beware of fake Java updates (from CNet)
- Do you need to uninstall Java? (from CNet)
- Oracle’s Java patch contains new holes (from PC World)
- How to disable Java (PC Magazine)
As always, I’d love to hear about your own personal experiences with Java and what you think about this big security mess! You can leave your comments below!