Warning: Disable Java, Or Your Computer Security May Be at Risk
The Department of Homeland Security issued a warning Thursday, urging people to disable Java on their browsers. Yes, that means you.
There's a good chance you have Java installed even if you think you don't. It's a piece of software that's often used for Internet applications, especially online games. To access webpages that use it, you have to have a plugin installed on your browser.
The first time you used it, you probably installed it without thinking, just like Acrobat, Flash, QuickTime, and other plugins that are commonly used. But now might be the time to undo that.
The security issue is a potentially serious one. It could allow a remote attacker to put malicious code on your computer through a security vulnerability in Java 7, according to The Next Web.
The attacker gets a user to open an HTML document, either through a phony email message or a popup window. From there, that person can wreak havoc.
It doesn't help to use an older version of Java since those have security vulnerabilities too. The best move is to disable Java entirely, which works a little differently depending on your browser:
- If you own a Mac and use Safari, go to the Menu and select Preferences. Click the tab labeled "Security" and then uncheck "Enable Java."
- For Chrome users, simply type “chrome://plugins/” into the URL box. Then find Java and click "disable."
- For Firefox users, find the "Adds-on" tab or line; it may be under Tools or General depending on your version, on in the "Firefox" tab on the top left. When the Add-ons manager tab comes up, select Plugins from the list on the left and click the "Disable" button for anything that mentions Java or Java Applet.
- For Internet Explorer, the directions are more complicated, so check out this tutorial on PC Magazine's website for how to do it.
Once Java is uninstalled, you may not even notice that it's gone. But if you do find that you regularly use websites that require Java, there is a safe way to get it back.
Install a browser that you don't regularly use and enable Java on it. Then only use it for the websites that need Java. That will minimize the risk that you'll be using it when you click a malicious link.
In general, it's not a good idea to click on links from people you don't know or that pop up on your computer.
Also be wary of email from people you know that seem strange or uncharacteristic. That person could have been the victim of a virus so if you're unsure, send an email to ask them what's up before clicking on a link.
- Homeland Security urges computer users to disable Java (Chicago Tribune)
- Computer Crime (FindLaw)
- Do You Have Standing to Bring an Internet Security Claim? (FindLaw's U.S. First Circuit Blog)