Jan 14

Java Exploit – again – this time its very serious

Java logoIn the past some spotty faced geek would decide that it has nothing better to do than to make our lives a misery by writing a virus or punching a hole into a piece of software we all rely on. I gather it has something to do with being inferior or not being breast fed as a baby; or something like that. Or it is the Russian mafia who decide to take advantage of some insecure coding from Microsoft or Apple or google and fleece everyone of their money because they dared to use a computer on the internet. In any event other geeks with even spottier faces would come to the rescue by finding these holes, plug them with better code and release the fix to the howling masses.

This has been the sequence of events when it has come to Java exploits but this latest one is different, very different.

Someone, deep inside a bunker in China no doubt, has discovered that Java, at its core, is insecure and it cannot be simply patched. The whole thing has been compromised and needs to be rewritten. It would be like finding out that the body of your car is made of blasting caps and if you hit anything bigger than a moth it will explode.

The US justice department – not known for getting involved in such things – has released a statement suggesting that people disable or remove java completely. This will certainly fix the issue but it will make things like web banking inoperable so thats not really acceptable. If you want to be safe against this exploit there are things you can do so you can continue to use Java based websites.

 

Change your browser

Safari or Chrome are very good at actively spotting bad websites and stopping them in their tracks. If you are currently using anything other than these browsers I would think carefully about making the switch.

Link Scanner

If you get regular health checks this software has already been installed on your Mac and is kept up to date. For those that don’t have regular checks I would recommend downloading and installing this software. But link scanner only works best if you visit all websites via a google search.

Be careful

Don’t click on links in emails from people you don’t know. Don’t visit websites that seem suspicious or offer deals “to good to be true” and stay clear of banner ads that pop up in your browser like these.

images Unknown-1 Unknown

 

 

Disable Java

If you’d rather be safer than sorry (and you don’t use web banking) then you can disable java from your web browser.

Safari

1. Click on the Safari menu and choose Preferences

2. Click on the Security tab

3. Uncheck Enable Java

HT5241-Safari_Preferences-001-en

 

Firefox

1. On the menu bar, click on the Tools menu, and then click Add-ons.

2. The Add-ons Manager tab will open.

3. In the Add-ons Manager tab, select the Plugins panel.

4. Click on the Java Plug-in 2 for NPAPI Browsers (Mac OS 10.6) or Java Applet Plug-in (Mac OS 10.7 and above) to select it.

5. Click on the Disable button (if the button says Enable, Java is already disabled).

Permanent link to this article: http://macservicesact.com.au/java-exploit-again-this-time-its-very-serious/

3 comments

    • Gordon Dutton on January 15, 2013 at 8:10 AM
    • Reply

    Can you disable this on the iPad. I sometime use my ipad to check my bank balances, but only when I am on my own wi-if or pay as you go mobile broadband. Is Firefox safe using Google or would it be best to use Safari until the Java problem is solved. I think I am due for another health check on my mac. Thanks Renny.

    1. Thanks Gordon but this is not the best way to contact me… email is much better.

  1. Thanks Moira but this is not the best way to contact me… email is much better.

Leave a Reply

Your email address will not be published.