The U.S. Department of Homeland Security is urging all computer users to temporarily disable or uninstall Java software on their computers. That includes Windows and Apple Macintosh computers.
This is an intensification of warnings from internet security experts that, essentially, any and every business and consumer user is exposed to a flaw in Java.
Java is used on virtually every Windows, Mac and Linux computer to enable interactive content, including many popular game websites, such as Pogo.com.
A fix for the security hole in Java is expected to be released in a few weeks, but DHS taking the step of recommending just turning Java off until the fix is ready.
The problem is that cybercriminals have discovered a weakness in Java 7 security that allows them to install of malicious software and malware on machines without the permission of the user.
This malware is used for computer identity theft, or hijack-and-ransom – where the hijackers lock up a computer and then demand payment to unlock it –, or turning the computer into a robot tied into a network of “bots” that can be used to carry out attacks against government or corporate Web sites.
The criminals are even selling kits to one another to enable exploiting this hole in Java.
“We are currently unaware of a practical solution to this problem,” said the DHS’ Computer Emergency Readiness Team (CERT) in a post on its Web site on January 11. “This vulnerability is being attacked in the wild, and is reported to be incorporated into exploit kits.”
Java should be disabled in each web browser that is used. In Chrome, Firefox and Safari it is possible to deactivate the “Java Plugin” in the browser options or preferences. For Microsoft Internet Explorer, disabling the plugin will not fully disable Java. There are some complex steps that can be done to disable it, but the easiest and most effective step for Internet Explorer is to uninstall Java from your computer.
Detailed instructions for removing or disabling Java can be found at several websites. Search Google or Bing for “how to disable Java.” Or, as always, give me a call if I can be of assistance. Mike Pepper ~ Computer Guy; 845-855-5824. www.PawlingComputerGuy.com