The Java Menace, Cont.
As I mentioned two days ago, tech people I take seriously are themselves taking seriously the threat of computers being hacked through a vulnerability in Java code. For the record, some updated info:
- The Department of Homeland Security -- and, yes, it's interesting that they are on this beat -- has issued an update on the problem and possible solutions. It points out that Oracle has released Java 7 Update 11 which according to Oracle addresses the currently known vulnerabilities.
- But the DHS goes on to make a case for a better-safe-than-sorry approach:
"This and previous Java vulnerabilities have been widely targeted by attackers, and new Java vulnerabilities are likely to be discovered. To defend against this and future Java vulnerabilities, consider disabling Java in web browsers until adequate updates are available."
- Woody Leonhard of InfoWorld has a very useful step-by-step guide to dealing with this Java warning.