New Java 7 Exploit Can Be Dangerous

Java
The attack vulnerability is in Java 1.7 which most Mac Users are not using because you’d need to update to 1.7 manually.

Apple stopped bundling Java in 2011 when Lion was released. For users on Lion and Mountain Lion, who have Java installed, the operating system asks them if they would like Java to run. The situation is more so dangerous for Snow Leopard and Leopard users, because they do not have the same safety restrictions.

Best course of action is to uninstall Java and stay away from websites that look suspicious.

Check Which Version of Java is Installed

There are two ways to determine which version of Java is installed.

Check Version of Java Installed Using Java Preferences

  • Open the Applications folder and then open Utilities
  • Double-click on “Java Preferences”
  • Find the Java version under Name and Version, ie: Java SE 6

If you don’t have Java Preferences installed, that means you don’t have Java installed so you are safe. If you see “Java SE 6″ you are ok.

Check Version of Java Installed Using Terminal

  • Launch Terminal, found in /Applications/Utilities/
  • Type the following command exactly

java -version

Disable Java System-Wide

  • Open “Java Preferences” from /Applications/Utilities/
  • Uncheck “Enable applet plug-in and Web Start applications”
  • Uncheck “ON” next to Java SE

Disable Java Per Web Browser

Disable Java in Safari

  • Pull down the Safari menu and select “Preferences”
  • Click the “Security” tab and uncheck the box next to “Enable Java”

Disable Java in Chrome

  • Type “chrome://plugins/” into the URL bar, locate Java and click disable

Disable Java in Firefox

  • Open Firefox Preferences and under the “General” tab click “Manage Add-ons…”
  • Select “Plugins” and find Java (and/or Java Applet), click the Disable button

To sum up:

  • Java SE 7 (1.7) is unsafe
  • Java SE 6 (1.6) or lower is safe

Update 8/30/12: 

Oracle has released a security patch for the recent Java 7 exploit. You can download the new SE 7u7 update directly from Oracle:

Java SE 7u7 Update Via Oracle

It should be safe to re-enable Java.

Tagged with: , ,
Posted in Macintosh

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Enter your email address to follow this site and receive notifications of new posts by email.

Join 195 other followers

Categories
Flickr Photos
Martin Scorsese

Alfred Hitchcock

Crater Lake

More Photos
Archives
Colophon
wordpress com stats plugin
%d bloggers like this: