Solved

Should we be alarmed?

Posted on 2013-01-11
5
371 Views
Last Modified: 2013-01-11
Hi guys,

I just heard the Homeland Security announcement about not using Java in browsers. Does that mean we need to be uninstalling current versions? The information seems to be sketchy and Oracle is not commenting. Do you have suggestions about what an end-user should be concerned about? Do we need to uninstall Java totally?

Thanks!
0
Comment
Question by:webtechgal
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
5 Comments
 
LVL 13

Assisted Solution

by:Ugo Mena
Ugo Mena earned 250 total points
ID: 38768736
deactivate the plugin in your browsers.

For Windows and Ubuntu: use Chrome or Firefox browser. Install one of the various script blocking browser plugins, like NoScript or NotScript (Google Play Store).
Mac: use NoScript, NotScript, or JavaScript Blocker (http://javascript-blocker.toggleable.com/)

Pretty much disables all scripts from running in the browser until you actually allow them to run.

When you first install NoScript or similar, you will have to whitelist your regular sites. But once they're whitelisted, it requires less interaction. How many websites do you actually visit on a routine basis? Whitelist those & you're done.
0
 
LVL 50

Accepted Solution

by:
jcimarron earned 250 total points
ID: 38768850
0
 
LVL 4

Author Closing Comment

by:webtechgal
ID: 38769022
Thanks for the feedback from both of you. I am thinking there will be more fallout from this in the future. I have been getting more clients who seem to suddenly "get" infected somehow. I will now be adding to my list of things to check on machines - how up to date their Java software is, and disabling it for their browser(s). Thanks!
0
 
LVL 13

Expert Comment

by:Ugo Mena
ID: 38769067
Good luck. There is also a great writeup on www.thenextweb.com site
Java Zero Day
0
 
LVL 50

Expert Comment

by:jcimarron
ID: 38769091
webtechgal--In order to access the disabling mentioned on the Oracle site
http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/client-security.html#disable
you have to access the Java Control Panel ( javacpl.exe )|Security tab, not from Windows Control Panel|Java|Security tab.
0

Featured Post

When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot has fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This story has been written with permission from the scammed victim, a valued client of mine – identity protected by request.
SSL stands for “Secure Sockets Layer” and an SSL certificate is a critical component to keeping your website safe, secured, and compliant. Any ecommerce website must have an SSL certificate to ensure the safe handling of sensitive information like…
Google currently has a new report that is in beta and coming soon to Webmaster Tool accounts. This Micro Tutorial will highlight new features for Google Webmaster Tools.
How to create a custom search shortcut to site-search Experts Exchange using Google in the Firefox browser. This eliminates the need to type out site:experts-exchange.com whenever you want to search the site. Launch your Bookmark Menu: Press 'Ctrl +…

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question