Recently, a Java exploit was discovered that is so severe that the Department of Homeland Security has gotten involved. The Emergency Readiness Team from DHS put out a notice saying “Due to the number and severity of this and prior Java vulnerabilities, it is recommended that Java be disabled temporarily in web browsers.” Around one billion computers may be affected by this exploit.
So how does this affect my computer? The exploits can make your computer, Mac or PC, vulnerable to a number of issues from ransomeware to viruses. Attackers could even take control of your computer.
Oracle plans to release a patch on Tuesday to close the astounding 86 vulnerabilities meaning that for the time being Java should be disabled. Tech blog Gizmodo has a right up for all commonly used browsers. Repost below:
Type “chrome://plugins” into your address bar. This will bring up a new tab. Find the item on the list that reads just plain “Java” and click below it where it says “Disable” in blue. Restart your browser.
Choose “Safari” and then “Preferences” on the taskbar or hit control and comma simultaneously (⌘-,). Click “Security” on the top row of the new window. Uncheck the box that reads “Enable Java” if checked. Restart your browser.
Internet Explorer 8,9, and 10
Go to the “Tools” menu and select “Manage Add-ons.” Go to the left of the window that pops up and in the drop-down box below the heading “Show:” select “All Add-ons.” Scroll down the list on the right of the window until you find a subheading under the category “Group” that reads “Oracle America, Inc.” Select each item and disable it with the “Disable” button in the bottom right-hand corner of the window. Restart your browser.
Go to the “Tools” menu and select “Add-ons” or hit ctrl, shift, and the letter ‘a’ simultaneously. Select “Plug-ins” on the left-hand side of the new tab that shows up. Scroll the list on the right-hand side of the screen until you find an item that reads “Java (TM) Platform [somethingsomethingsomething].” Click the “Disable” button on the right. Restart your browser.
Official posting from The Department of Homeland Security: http://www.us-cert.gov/cas/techalerts/TA13-010A.html
Update: Oracle has released a patch for the various vulnerabilities. Details from Oracle can be found at the link below: https://blogs.oracle.com/security/entry/security_alert_for_cve_2013