Hackers Using Java, U.S. tells computer users to disable Java Software

LATEXXX COMMANDO · Jan 11, 2013

http://www.cbsnews.com/8301-205_162-57563619/u.s-tells-computer-users-to-disable-java-software/

The U.S. Department of Homeland Security is advising people to temporarily disable the Java software on their computers to avoid potential hacking attacks.

The recommendation came in an advisory issued late Thursday, following up on concerns raised by computer security experts.

Experts believe hackers have found a flaw in Java's coding that creates an opening for criminal activity and other high-tech mischief.

CNET's Topher Kessler writes:

"The malware has currently been seen attacking Windows, Linux and Unix systems, and while so far has not focused on OS X, may be able to do so given OS X is largely similar to Unix and Java is cross-platform.

Even though the exploit has not been seen in OS X, Apple has taken steps to block it by issuing an update to its built-in XProtect system to block the current version of the Java 7 runtime and require users install an as of yet unreleased version of the Java runtime.

Luckily with the latest versions of Java, users who need to keep it active can change a couple of settings to help secure their systems. Go to the Java Control Panel that is installed along with the runtime, and in the Security section uncheck the option to "Enable Java content in the browser," which will disable the browser plug-in. This will prevent the inadvertent execution of exploits that may be stumbled upon when browsing the Web, and is a recommended setting for most people to do. If you need to see a Java applet on the Web, then you can always temporarily re-enable the plug-in.

The second setting is to increase the security level of the Java runtime, which can also be done in the same Security section of the Java Control Panel. The default security level is Medium, but you can increase this to High or Very High. At the High level, Java will prompt you for approval before running any unsigned Java code, and at the Very High level all Java code will require such approval, regardless of whether or not it is signed."

Java is a widely used technical language that allows computer programmers to write a wide variety of Internet applications and other software programs that can run on just about any computer's operating system.

Oracle Corp. bought Java as part of a $7.3 billion acquisition of the software's creator, Sun Microsystems, in 2010.

Oracle, which is based in Redwood Shores, Calif., had no immediate comment late Friday.
Click to expand...

Yeast** · Jan 11, 2013

Java exploits get fixed pretty fast.. except in Apple products because apple insist on having their own "iJava" lol

bubkusjones · Jan 11, 2013

Yeast said: ↑

Java exploits get fixed pretty fast.. except in Apple products because apple insist on having their own "iJava" lol
Click to expand...

iKnow, right?

Fishmonger · Jan 11, 2013

Nice nugget of info to know. Danke, TS.

WrestlingIsReal · Jan 11, 2013

bubkusjones said: ↑

iKnow, right?
Click to expand...

iSee what you did there.

Satanical Eve · Jan 11, 2013

No Script is where its at folks. Pre-emptively blocks malicious scripts and allows JavaScript, Java and other potentially dangerous content only from sites you trust. Install it and use it.
http://noscript.net/

tsuifuku · Jan 11, 2013

Satanical Eve said: ↑

No Script is where its at folks. Pre-emptively blocks malicious scripts and allows JavaScript, Java and other potentially dangerous content only from sites you trust. Install it and use it.
http://noscript.net/
Click to expand...

NoScript is a bit of a pain to deal with but I run it on my browser because of stuff like this

fdswer · Jan 12, 2013

Like the average person knows how to disable java or anything about it

Doughbelly · Jan 12, 2013

Yeast said: ↑

Java exploits get fixed pretty fast.. except in Apple products because apple insist on having their own "iJava" lol
Click to expand...

Yes, except Apple handed off doing Java updates on its own to Oracle over a year ago, removed Java from its default OS install over two years ago and disabled its Java browser plugin over two months ago, so....

Michaelangelo · Jan 12, 2013

Sherdog knows about this from experience.

Thai Otoshi · Jan 12, 2013

AdBlock Plus + NoScript = no worries.

marioh · Jan 12, 2013

at least once a week i mutter "f'ing java".

Log in or Sign up

Hackers Using Java, U.S. tells computer users to disable Java Software

LATEXXX COMMANDO Ominous Flesh Discipline Platinum Member

Yeast** Red Belt

bubkusjones Brown Belt

Fishmonger All Your Base Are Belong to Us

WrestlingIsReal Purple Belt

Satanical Eve Cro Cop's Left Leg Platinum Member

tsuifuku Black Belt

fdswer Brown Belt

Doughbelly action scientist αlpha-nerd

Michaelangelo That doesn't work for me, brother Platinum Member

Thai Otoshi Gold Belt

marioh Red Belt

Share This Page

X

Log in or Sign up

Hackers Using Java, U.S. tells computer users to disable Java Software

LATEXXX COMMANDO Ominous Flesh Discipline Platinum Member

Yeast** Red Belt

bubkusjones Brown Belt

Fishmonger All Your Base Are Belong to Us

WrestlingIsReal Purple Belt

Satanical Eve Cro Cop's Left Leg Platinum Member

tsuifuku Black Belt

fdswer Brown Belt

Doughbelly action scientist αlpha-nerd

Michaelangelo That doesn't work for me, brother Platinum Member

Thai Otoshi Gold Belt

marioh Red Belt

Share This Page

X

Useful Searches