The US Department of Homeland Security warns its users to disable, or even, uninstall Java software due to several warnings from security experts about Java’s inherent threat to security.
Java is a well-known programming language and computing platform that a lot of Internet users utilize in order to be able to produce utilities, games and business applications. It was first released by Sun Microsystems in 1995. Currently, Java proclaims itself to be used by at least 850 million personal computers worldwide – billions, if you include all mobile and TV devices.
Java also promotes itself as “fast, secure and reliable”, as included in their official Web site.
Why, then, is the US Department of Homeland Security advising countless Java users to disable and even uninstall Java?
And just how serious can this situation be, that even the US Department of Homeland Security is issuing warnings to concerned individuals and business to take precautionary measures against using Java?
Well, this seems very serious, actually.
It seems that hackers were able to discover a major flaw in Java 7 security. This aforementioned weakness is something that is worth to be considered – it can even allow the installation of malicious software, also known as “malware”, on different machines and gadgets.
If you think this isn’t so bad, consider this scenario: Java can actually increase your chances of being scammed and robbed off of your personal identity!
Another thing that this weakness can bring about is that it can also authorize, without your consent, your participation in bringing down networks or in attacking Web sites as well.
US Computer Emergency Readiness Team (CERT) released an advisory regarding Java 7 security. It was quoted that they are currently unaware of a practical solution to the problem, as posted on their Web site. They also added, “This vulnerability is being attacked in the wild, and is reported to be incorporated into exploit kits. Exploit code for this vulnerability is also publicly available.”
Clearly, these exploit kits are available to the general public, considering that the latest flaw is currently being exploited in the wild. This latest flaw is already being used in the Cool EK, Nuclear Pack, Redkit, Blackhole, and Sakura exploit toolkits. Sadly, criminals abuse this in order to make thousands of money, as reported by a researcher who saw the crime in action.
A lot of individuals who use Java, such as Linux, Windows and Mac users, are subsequently advised to disable or even uninstall Java as soon as possible in order to lessen any damaging blow. It looks like accessing other Web content, applications and games can be done some other time, then?
It is a common occurrence for government agencies to warn the public against security threats. However, actively warning and blatantly asking the public to disable or even uninstall a particular software are not done very often.