Keep safe online: I strongly recommend disabling Java plugins in your web browser and consider uninstalling Java altogether. While this is more of an issue on Windows computers for the time being, Linux and Apple iOS users should also take action because Java based vulerabilities are easily redirected to attack any platform.
A recent Guardian article highlights increasing security vulnerabilities in Oracle’s Java which is routinely installed in your web browser. Java is the source of 50% of malware and virus attacks, and rising, making it an unacceptable security risk and you should disable Java plugins immediately.
The reason Java has become so vulnerable is that Oracle are unable to address Java security vulnerbilities quickly enough, and have insufficient motivation to put more resources into this task.
How To Keep Safe Online: Disable Java
Java plugins are not needed by most people, so you are unlikely to miss the functionality. Java is responsible for about 50% of all malware/virus attacks and the situation is set to worsen because Oracle are able or sufficiently motivated to deal with the issue—Java was inherited when they bought Sun Microsystems and is not essential to their business.
If you use more than one web browser you’ll need to disable Java plugins in each one. See “How To Disable Java Plugins” below.
Will Updating My Java Protect Me?
Updating Java won’t protect you at all. This is because there of a large backlog of known vulnerabilities which have not been fixed (so called “zero-day” threats). This is why Java is now very attractive to hackers and cyber criminals, and makes it likely that you will encounter Java based attack while you browse the web.
Will My Virus Scanner Protect Me?
Anti-virus software will can’t offer adequate protection, because these too are unable to keep up with the increasing number of new threats that have resulted from Java’s popularity with hackers. This means that you are quite likely to encounter a new kind of malware before it can be blocked by your anti-virus software.
So you should not use Java plugins in a browser unless absolutely essential.
What Happens If I Disable Java Plugins?
It is quite safe to disable the Java plugin in your browser. If any website you visit relies on it, which is not many, you will see a message in the browser asking you to install the Java plugin. If you really want, you could then re-enable the plugin, but first you should consider if you can do without it, or disable it again as soon as possible for obvious reasons.
What About Java On My Computer?
Some applications install Java on your computer without you realising because they use the “runtime” version of Java or “Java RTE”. This is very much less of a security issue than Java in a web browser, but if you can do without these applications you will and uninstall Java from your computer you certainly be improving your security (as well as disabling it in your browser—see “How To Disable Java Plugins” below).
To uninstall Java on Windows: open “Add and Remove Programs” in the “Control Panel” or search for “uninstall applications” in Windows Help. Then click on each of the “Java …” entries to uninstall (you may find several).
Java on your computer is much less of a risk than the browser plugin, so if there is something you use on your desktop which relies on this, you might choose to only disable the Java plugin in each of your web browsers (e.g. Internet Explorer, Chrome, FireFox, Safari, Opera etc.).
How To Disable Java Plugins
Here’s how to disable the Java plugin in the three most popular browsers:
How To Disable Java In Internet Explorer
Start Internet Explorer web browser. Press Alt-T (hold down Alt and press T) to open the tools menu. Click on “Manage Add-ons” to open the add-ons list. Locate any items with “Java” in the name, select each and click “Disable”. Make sure every “Java” item now shows as “Disabled” in the “Status” column. Then click “Close”.
How To Disable Java In Google Chrome
Start Google Chrome and type “chrome://plugins” in the address bar. Look for any “Java” plugins and click “Disable” for each you find.
How To Disable Java In Mozilla Firefox
Open the Add-ons page by pressing Ctrl-Shift-A or using the Tools > Add-ons menu. Click “Plugins” in the lower left of the add-ons page. Locat each Java plugin in the list and click “Disable”.