Solved

Should we be alarmed?

Posted on 2013-01-11
5
367 Views
Last Modified: 2013-01-11
Hi guys,

I just heard the Homeland Security announcement about not using Java in browsers. Does that mean we need to be uninstalling current versions? The information seems to be sketchy and Oracle is not commenting. Do you have suggestions about what an end-user should be concerned about? Do we need to uninstall Java totally?

Thanks!
0
Comment
Question by:webtechgal
  • 2
  • 2
5 Comments
 
LVL 13

Assisted Solution

by:Ugo Mena
Ugo Mena earned 250 total points
ID: 38768736
deactivate the plugin in your browsers.

For Windows and Ubuntu: use Chrome or Firefox browser. Install one of the various script blocking browser plugins, like NoScript or NotScript (Google Play Store).
Mac: use NoScript, NotScript, or JavaScript Blocker (http://javascript-blocker.toggleable.com/)

Pretty much disables all scripts from running in the browser until you actually allow them to run.

When you first install NoScript or similar, you will have to whitelist your regular sites. But once they're whitelisted, it requires less interaction. How many websites do you actually visit on a routine basis? Whitelist those & you're done.
0
 
LVL 50

Accepted Solution

by:
jcimarron earned 250 total points
ID: 38768850
0
 
LVL 4

Author Closing Comment

by:webtechgal
ID: 38769022
Thanks for the feedback from both of you. I am thinking there will be more fallout from this in the future. I have been getting more clients who seem to suddenly "get" infected somehow. I will now be adding to my list of things to check on machines - how up to date their Java software is, and disabling it for their browser(s). Thanks!
0
 
LVL 13

Expert Comment

by:Ugo Mena
ID: 38769067
Good luck. There is also a great writeup on www.thenextweb.com site
Java Zero Day
0
 
LVL 50

Expert Comment

by:jcimarron
ID: 38769091
webtechgal--In order to access the disabling mentioned on the Oracle site
http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/client-security.html#disable
you have to access the Java Control Panel ( javacpl.exe )|Security tab, not from Windows Control Panel|Java|Security tab.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Article by: btan
Provide an easy one stop to quickly get the relevant information on common asked question on Ransomware in Expert Exchange.
I've been an avid user and supporter of Malwarebytes Premium Version 2.x for years. It's an excellent product that runs alongside just about any Anti-Virus application without issues. It seems to have an uncanny ability to pick up many things that A…
This Micro Tutorial will demonstrate how nuggets on the Web are formatted by using Chrome Developer Tools. These tools would not only view the site's CSS but it can also modify it and save the CSS to use on your own site.
Shows how to create a shortcut to site-search Experts Exchange using Google in the Chrome browser. This eliminates the need to type out site:experts-exchange.com whenever you want to search the site. Launch the Search Engine Menu: In chrome, via you…

932 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now