With an eye on the security of millions of Internet users, the US Department of Homeland Security is advising Americans to temporarily disable Java, a software commonly used in Web-browser programs.
It’s not that Java itself contains a malicious computer virus. The problem is what the agency calls a software “vulnerability,” a kind of open door for hackers to infiltrate a computer. That can result in identity theft or other bad things happening on your computer.
“We are currently unaware of a practical solution to this problem,” said a notice released this week by CERT, a group sponsored by the Homeland Security Department’s cybersecurity division. The group is based at Carnegie Mellon University in Pittsburgh.
The recommendation highlights the rising threat level in the realm of cybersecurity, and the growing efforts to make devices and networks more secure. The vulnerability in Java is just one piece of that puzzle, but it’s significant because the software is so widely used in Web browsing.
If you want to follow CERT’s advice and disable Java, how do you do that?
First, if you use a Mac computer from Apple, the answer appears to be simple. According to reports by technology websites including MacRumors.com, Apple has already moved to force a disabling of Java on Macs with the OS X operating system.
For other computer users, a first step may be to check what version of Java you’re running. The CERT announcements focus on Java 7. Computer-security blogger Brian Krebs notes some uncertainty about whether other versions going back to Java 4 are affected. But he points to evidence suggesting the problem is limited to version 7.
Oracle, the owner of Java, said on Twitter that the problem is limited to “JDK7,” or version 7, and that it hopes to have a fix available “shortly.” (JDK stands for Java Development Kit.) source: Christiansciencemonitor