This will allow you to check if your browser has Java enabled, and if so, which plug-in version is it running. You can see whether your browser is running Java at. A growing number of security experts recommend not installing Java if you don't already have it, and perhaps even getting rid of it if you do. (Java shouldn't be confused with JavaScript, an unrelated language used for enabling features on web pages.)Īt one time, Java was absolutely necessary if you wanted to be able to use your computer for, well, just about everything. Third, many users aren't aware that Web browsers are configured with Java plug-ins enabled, which makes them susceptible to drive-by malware attacks targeting older versions of Java. Second, if software that an organization depends on was written using older versions of Java, upgrading Java may cripple or altogether disable that software. The big problem is that Java installations aren't being patched, Carey said, which is a problem that can be traced back to three main issues.įirst of all, organizations are often unaware of the security implications of not patching their software. "This makes Java exploitation as simple as it gets, even if the attacker has no technical skills at all." Patch Java, or disable it? "Java vulnerabilities are addressed in every single major exploit pack available through underground markets, such as the Blackhole exploit pack, Eleonore pack and Crimepack, among others," Catalin Cosoi of Bucharest, Romania's Bitdefender said. Java is a favorite target of cybercriminals because it is so easy to exploit, and also because users are frequently using outdated versions of it. "In many cases, simply tricked the users into believing that their Java web applets were actually Java software updates from Apple, Inc." "Later on in the distributions, the Flashfake operators abused the vulnerabilities in those Java installs and new installs by delivering Java exploits from malicious websites," said Kurt Baumgartner, senior security researcher with Moscow-based Kaspersky Lab. (Java is not bundled into "clean" installations of Lion, but can be added later.) Java was bundled into Apple's Mac OS X 10.6 Snow Leopard by default, and kept on if a Mac user upgraded his machine from Snow Leopard to Mac OS X 10.7 Lion. Java has a long history of security vulnerabilities, which are now coming to the public's attention because of the widespread infection of Macs in late March by the Flashback, also called Flashfake, malware family.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |