Security Alert: Disable Java for all browsers until Sun releases fix

I'm not sure if folks have heard about this, but according to reports, unlike other security holes that are found by "white hats" and fixed before they can be used for Evil... this one is being used by hackers and some of you might have been compromised.

Therefore it is strongly recommended, by even the government, to disable Java until further notice.  For further information, here are a couple of links:

http://www.kb.cert.org/vuls/id/625617

http://thenextweb.com/insider/2013/01/10/new-java-vulnerability-is-being-exploited-in-the-wild-disabling-java-is-currently-your-only-option

Personally, I just uninstalled it on all of my machines.  Odds are, that you won't notice its gone.  I once ran my browsers for about a month after uninstalling and forgetting to reinstall, never had a website request that it be installed.

Sadly, it seems this has been "in the wild" for a while, and now they're just getting around to alerting the public about it.

Yep Ars Technica confirms disabling this. Thanks for bringing this up, Sekkerhund.

» Edited on: 2013-01-12 20:28:51

Even Homeland Security recommends disabling Java... http://www.forbes.com/sites/eliseackerman/2013/01/11/us-department-of-homeland-security-calls-on-computer-users-to-disable-java/ (article has simply instructions on how to disable Java on a Mac, and a link to a guide on how to uninstall it on Windows) Thanks for posting – I don't know if I would have heard about it otherwise! (edit: no idea how to make a link, lol)

» Edited on: 2013-01-13 11:53:22

That's one reason I love Firefox. I went to disable Java and it had been automatically blocked by the browser on Oct. 30th. Good hunting

I've removed Java for now but Bharel's comment about Firefox makes me wonder if I should shift from Chrome back to Firefox (both installed either way).

After a bit of research, I can't give all the credit to Firefox, NoScript was actually the one to block it. My fiancee's laptop has Firefox installed, but not the NoScript plug-in (it annoyed her too much). Java had a warning on the plug in, but Firefox itself didn't disable it. I had to manually remove Java from her computer, Add/Remove programs kept asking me to run a program from an unknown source during the uninstall. So I went in and deleted the Java folders themselves and used CCleaner to get rid of any leftover bits and clean up the registry. I'm now running a few different virus and root kit scans.

Hum....I never installed Java on this computer thankfully. Not much uses it anymore.

Hmm, I use firefox mainly and went in to see what was up cause it kept blocking java and found this thread. Very happy even though it wasn't auto disabled they made it block java when it tried to launch. I disabled it now though:) better safe than sorry right?

» Edited on: 2013-01-13 23:50:04

Looks like a new version has be released that fixed the major security hole reported. Java Fix Release

» Edited on: 2013-01-14 08:32:20

I use Firefox exclusively (writing this post in FF 19.0) and I can guarantee that it doesn't block the flawed Java runtimes (Java 7 Update 10 and older). If anyone's FF browser was blocking Java, it was due to something else you had installed (a good thing, it would seem). Of course, the FF folks might have pushed something out after I wrote this post, but I haven't noticed any browser updates. Also, I fixed the links above, I was over-doing how I made the links click-able, I guess I didn't need to use the [url] BBcode tag.