Java is everywhere, the website for this programming language and computer platform declares. But is it still the safe technology it once was, or has it become a gateway into your devices for malware?
Sun Microsystems introduced Java, a program that powers business applications, games and utilities all over the web, in 1995. Java’s website says it runs on more than 850 million PCs globally, and many more mobile and television devices. It’s been an underlying presence for web pages for years.
But Java’s latest version, Java 7, made headlines for a security flaw.
The issue: Java’s security sandbox can be bypassed completely, according to Security Explorations, a Polish security and vulnerability research company. Now, hackers have zeroed in on a security hole Oracle, an object-relational database management system, recently fixed.
Go after the proper culprit
Vulnerabilities continue to mount even after patches and updates up to an including Java 7.11.
It’s a software package installed separately from your browser. It’s used to create and operate software applications such as code editors, web servers, and word processors. Java’s applets – stripped-down Java programs that run inside the browser –are now targets for recent bugs.
If those applets fail – Java can become a delivery portal for malware.
What should you know?
In Chrome and Internet Explorer, you’ll have to add a plug-in to use a click-to-play function.
Mozilla has a Click to Play function – which allows you to decide whether to let a Java applet run on a page you visit. The Java plugin in Firefox might expose users to problems, too. In January, Oracle released an update, too, that must be downloaded.
What should you do?
No matter how you get your Internet service Java, despite patches and updates, brings risks of malware. Remove it entirely. We have things such as HTML5 which allow us to do so much on the Internet, and don’t need Java.
If you remove Java, you’ll get a popup when you visit a site that requires it.
Type chrome://plugins in address bar
Identify all Java instances on the plugin page
Use Windows-r to call up the run box
Hit enter to access Windows Registery Editor
Navigate to key HKEY_CURRENT_USER\\Software\\Microsoft\\Windows|CurrentVersion\\InternetSettings\\Zones\\3
Change value of the key 1C00 to 0
Restart or log off and on
Type about:addons in address bar
Switch to plugins listing on left
Locate Java entries
Click disablebutton to turn off Java in browser
- Type opera:plugins in address bar
Find all Java entries
Click disable link on each row
If you have Java enabled in your browser, you can use the feature for click-to-play. This feature gives a warning when an applet, Java or otherwise, wants to run something outside your browser. Remember, many other elements outside your browser vendor can carry risks, too.
The bottom line
Java, once a revolutionary program for the Internet, is now more of a security risk than an asset. Many Web users will find they don’t need the program any longer – and they definitely don’t need the threat to their device’s security that it brings now, too.