Thursday

Latest Java Exploits Demand Action

Java is one of those things that most people don't know anything about - until it breaks or goes bad. Oracle now "controls" Java, and puts out updates on a pretty rigid schedule, except that exploits (bad stuff) appear on their own schedule (referred to as "zero day" exploits), and right now there are some bad ones out there. Updating Java won't help, as there is currently no update available to address these outstanding problems. What to do?


The most straightforward thing to do is probably to uninstall Java for now, but that may "break" some websites, and possibly even some installed software. The big issues right now stem from websites that deliver malware via your browser, so the next best option would be to disable the Java plugins that browsers use.


Here's how, courtesy of NakedSecurity (the Sophos Antivirus company blog).




java

No comments :