Last Thursday, the U.S. Computer Emergency Readiness Team (US-CERT) of Homeland Security suggested disabling Java on computers due to security vulnerabilities. Java is a web programing language that is used for interactive web apps like games, webcam integration and other tasks.
This is the latest blow to confidence in Java — it has long had a cloud of security risk hanging over it and along with the Flashback trojan that exploited a security flaw in Java to infect half a million Apple computers, this latest announcement may hit hard.
On Sunday, Jan 13, Oracle released a security update called 7u11 to fix vulnerabilities and also require the user to authorize the start of all unsigned Java applets and applications by verifying with a new Click-to-Run feature.
US-CERT and many other software security firms still suggest disabling Java in your web browser to be safe. As always, users needs to decide for themselves if they are up for the risk. You most likely will not miss Java unless you play a lot of online games or have a Java-built application for work or school. If you are jumping off the Java train you can disable it as follows:
In Safari:
In the top left hand corner click Safari > Preferences > Security and then uncheck “Enable Java”
In Chrome:
Type chrome://plugins in the address bar. Then find Java and click the blue “Disable.”
In Firefox:
Click the orange Firefox in the top left hand corner. On the left hand side click Add-ons > Plugins and then click “Disable” on the right side.
References:
http://www.pcworld.com/article/261843/time_to_give_java_the_boot_.html
http://www.pcworld.com/article/2025178/oracle-releases-java-fix-but-security-concerns-remain.html