Two New Potential Java Security Issues Discovered

You’ve probably heard about the Java mess already. Java is probably the most important and famous product that Oracle has and yet right now bad news keeps plaguing Java with issue after issue.

The latest word is that two new potential vulnerabilities have been discovered by a Polish security firm. The uses are known as “Issue 54” and “Issue 55” and right now Oracle is currently investigating both reports regarding a weakness in Java 7 – though they haven’t confirmed the problem as of yet.

The Polish firm Security Explorations says that their aim is to conduct unbiased security analysis, and have found more than 50 security issues in the past, many of which are also related to Oracle’s java.

So What’s the Deal with Java?

While Java programs that are not web-based are just fine, there tends to be quite a few bugs and exploits that plague the platform online. While Oracle works hard to patch these issues, it is a never-ending battle and requires a user to keep up with all the patches and stay vigilant if they wish to keep Java running on their machines.

Do I really NEED Java?

Honestly the answer for most folks is probably going to be “no”. The truth is that fewer and fewer Java applets of importance are on the net. Sometimes there are also alternatives for these written in less exploit-friendly code.

The best bet isn’t to get rid of Java completely but to simply disable it from working with your browser. This means that you will still be able to use any Java apps that you come across offline, but when you navigate to a site that uses Java, it simply won’t load the Java applets.

So how do you disable Java then?

Whether you are a business user or an everyday consumer, keeping up with all the latest viruses, exploits and other online security issues is hard enough. Why add Java to the list of headaches when its uses are relatively minimal for most users?

Disabling the plugin is pretty easy, too:

Internet Explorer: There isn’t actually a way to disable Java specifically in Internet Explorer, but you can follow Java’s instructions for disabling in all browsers through Control Panel.

Firefox: Select tools from main menu, then Add-Ons. Click Disable next to any java plug-ins.

Chrome: Type “Chrome://Plugins” into your browser bar, then click “disable” button below any Java Plug-ins.

Disabling Java is just the best way to ensure that you don’t run into issues later, and many security experts are advising users to disable it now as well. In fact, even Mozilla (with Firefox) is starting to release new versions of their browser that have Java disabled by default.

What do you think, do you use Java on the web regularly for anything important or is disabling it not a problem for you? Share your thoughts below.

[ source ]

Please Leave Your Comments Below...