≡ Menu

Time to Patch Java

love_coffee_not_java

Java Patch Released

As you may have heard there is a significant security vulnerability in Java that is currently being exploited widely on the internet. This bug can be used to silently install keyloggers or other types of malicious software from compromised websites. Oracle has released a patch that you should install as soon as possible on all your computers and servers.

In addition, security researchers are recommending that you disable Java functionality in your web browser after installing the patch. This will help limit your exposure to bugs that will be exploited in the future.

You can download the patch here and then read below for instructions on how to disable java in your web browser.

Chrome

  1. Click on the Chrome menu, and then select Settings.
  2. At the bottom of Settings window, click Show advanced settings
  3. Scroll down to the Privacy section and click on Content Settings.
  4. In the Content Settings panel, scroll down to the Plug-ins section.
  5. Under the Plug-ins section, click Disable individual plug-ins.
  6. In the Plugins panel, scroll to the Java section. Click Disable to disable the Java Plug-in.
  7. Close and restart the browser to enable the changes.

Note: Alternatively, you can access the Plug-ins settings by typing about:plugins in the browser address bar.

Firefox

  1. Click on the Firefox tab and then select Add-ons
  2. In the Add-ons Manager window, select Plugins
  3. Click Java (TM) Platform plugin to select it
  4. Click Disable (if the button displays Enable then Java is already disabled)

Safari

  1. Choose Safari Preferences
  2. Choose the Security option
  3. Deselect Enable Java
  4. Close Safari Preferences window

Internet Explorer

  1. Open Internet Explorer. (See Screenshots below for help)
  2. Type ALT + T to activate the Tools menu and choose Manage add-ons. Choose “All items” from the Show drop-down menu. Disable “Java Plug-in –version number–.” It is safe to simply disable all of the items that begin with Java, but be sure to get this one. Close Internet Explorer.
  3. Type WINDOWS + R and type regedit (approve UAC prompt if necessary). Browse to HKEY_LOCAL_MACHINE\SOFTWARE\JavaSoft\Java Plug-in\{version}\UseJava2IExplorer and change (Default) to 0. 64-bit Windows users will need to change HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\JavaSoft\Java Plug-in\{version}\UseJava2IExplorer to 0.
  4. Download this text file, open it and save as disablejava.reg, run it to disable Java completely in IE.

 

Many Thanks to Naked Security and Shashi.co for these instructions

Type "Alt+T" then "Alt+A" to open Manage Add-Ons

Type “Alt+T” then “Alt+A” to open Manage Add-Ons

Show all addons

Show all addons

Select Java and choose disable

Select Java and choose disable

More Info

For further reading about this vulnerability I suggest:

{ 0 comments… add one }

Leave a Comment