Protect your computer better by keeping Java updated, or eradicate it completely.
Yasin Soliman explains.
Whichever web browser you are using, you should know that using any plugin runs the risk of putting your system – and your data – in increased peril.
Yasin Soliman reports.
For twenty years people have been running Java in their browsers. And for much of that time, malicious hackers have been exploiting vulnerabilities in the plugin to infect computers.
Read more in my article on the Tripwire State of Security blog.
You would probably like to imagine that if you have been religiously installing Java security updates over the years that you’ve been doing your bit to reduce the opportunities for hackers to exploit the software on your computers.
Well, it’s not quite as simple as that.
Read more on the Hot for Security blog.
As patches for 154 vulnerabilities are announced, consider for a second how it must suck to be Eric Maurice – the guy in charge of software security assurance at Oracle.
Oracle issued a Godzilla-sized Critical Patch Update on Tuesday, fixing a stonking 193 new security vulnerabilities in its software.
And with at least one new Java vulnerability being actively exploited in the wild, it’s time you did something about it.
Operation Pawn Storm is up to its dirty tricks again, this time with what is claimed to be the first new Java zero-day vulnerability in two years.
Read more in my article on the Lumension Optimal Security blog.
I think it’s great that Oracle is showing its contempt for Java users in this way. The company’s transparency should be applauded.
Oracle’s latest security update is said to fix 20 vulnerabilities in Java, all of which can be exploited by remote hackers bent on breaking into and compromising your computer. You should be asking yourself if you need Java at all…
Learn more in my article on the Intego Mac Security blog.
Hold your horses… Java may not be quite as dead as you thought on Windows XP.
But maybe it should be…
For those of us concerned with securing systems and keeping computer data safe, Java has been a nightmare.
It’s time for Oracle to get serious about Java security updates.
Later today, Tuesday 14 January, Microsoft will be releasing its first bunch of scheduled security patches for 2014.
And the good news is that it’s – by normal standards – not too huge, making life that little bit less arduous for IT teams and system administrators around the world.
Oracle says that it is strongly recommending that customers apply the patches “as soon as possible” because of “the threat posed by a successful attack.”
We’re still not safe with our computers, even with all the great improvements.
But – as Mikko Hypponen points out – at least we don’t see flights grounded and trains stopped by malware every other week, like we did in 2003.
Java is getting a bad name for security, so it’s no surprise that more and more people are keen to permanently remove it off their computers rather than risk being hit by a malware attack.
A security research team that has alerted Oracle to a series of security flaws in Java in the past, says that it has uncovered new zero-day vulnerabilities in the software.