Sunday, January 20, 2013

Update Java Jan 20, 2012


You may have recently seen some of the extensive news coverage, including statements from the United States Department of Homeland Security, regarding a vulnerability in Java.

What is Java? Java is both a language and a platform to run websites and programs used by many computer users, both on the PC and Mac operating systems. It’s also used by many other kinds of technology, from smartphones to parking meters to game systems. This vulnerability leaves millions of computers open to malware attacks and can lure online traffic to virus-infected websites.

Where is Java found on my computer? The manufacturer probably installed it. If you have automatic updates for Java on Windows turned on (it’s called Java Auto Update), it’s updating itself.  To configure Auto Update, you will need to open your Java program. For most Windows users it is found within the Control Panel. Java should update itself automatically for Mac users as well, but in case you aren’t sure, you can find information on updating Java for Mac here.

What's the problem?  Java 7 has a vulnerability, unless you install the latest patch. This Internet security "hole" can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Should you visit an infected or compromised web site, there are toolkits allowing someone to gain control of your computer by leveraging the hole in Java. Last week, the US Department of Homeland Security issued a warning to Americans, recommending we temporarily disable Java on our computers to minimize hacking opportunities.

How do I fix it?  Visit the Oracle Java site to learn if you have the latest version. Click the “Do I have Java?” link to determine which version you have.
  • Update your Java to get the patch available to fix the issue. At this writing, the latest version with a patch to address this vulnerability is 7.11. (Read our update.)
  • Take this opportunity to review your security software. Make sure your subscription is still valid and the product is up to date. 

  • Review your operating system (like Microsoft IE) and other key programs (like Adobe Reader as we suggested here) to be sure you are using the most current versions and have applied all appropriate patches.  

To learn more, please view:
Oracle Security Assurance blog: https://blogs.oracle.com/security/entry/security_alert_for_cve_2013

The New York Times:
http://bits.blogs.nytimes.com/2013/01/14/department-of-homeland-security-disable-java-unless-it-is-absolutely-necessary/


What precautions do you recommend? Please post a comment below!

No comments:

Post a Comment

We appreciate all feedback and encourage you to comment on this blog. Our online team will respond to new issues addressed in comments with future posts on this blog. If you are asking a question click the 'Subscribe By Mail' link below the comment form to be notified of replies.

Our e-mail address is bigfamilynews.info@gmail.com. You can find us on Twitter @BigFamilyNews, or by subscribing to our RSS feeds.