Department of Homeland Security Issues Warning To Computer Users
By Art Gallagher
If you’ve been surfing the net over the last few days, you are very likely at risk for identity theft. Your networks could be at risk.
The U.S. Department of Homeland Security has announced that hackers have discovered and are exploiting a flaw in Java security that could allow the installation of malicious software and malware on your computer.
DHS is recommending that computer users disable or uninstall Java until further notice.
Most anti-virus, firewall and malware detection programs are not preventing this vulnerability from being exploited.
For instructions on disabling or uninstalling Java click here.
This is a serious problem that has not yet been widely reported in the media.
For more detailed information, read this article by Brian Krebs at KrebsOnSecurity.com
UPDATED: Computer Experts Recommend Disabling Java Unless You Know You Need It
More from my site
Computer Security Experts: Disable Java Unless You Know You Need It
Hackers Demand $30K To Unlock Newark’s Computers
Congressman Smith: Reports that he voted against the wall are inaccurate
Belmar’s Sandy debris removal costs questioned by federal auditors
FEMA Makes A Deal With Russian Emergency Ministry
Middletown Democrats, Asbury Park Press Follow MMM’s Lead In Endorsing Pallone
Get Election Results Live At MoreMonmouthMusings
Bellew Attacks MMM
Winners and Losers of 2014
Milestone
did it two days ago….disable all java in your browsers!
To the anonymous naysayers who purport to be experts:
Use your real name and a verifiable email address. Otherwise, your “contributions” are unwelcome on this post.
Same Government that knows how much coke you can drink, and how much water you should flush in the toilet, they’re now also antivirus experts?
There’s also a Java update available that fixes the vulnerability:
http://www.java.com/en/download/manual.jsp
[…] released a fix to the Java vulnerability we reported last night. The company said another update is due out “soon.” You can access the fix […]
The jury is still out, regarding the effectiveness of Oracle’s newly released emergency patch.
As I stated in the comment section of More Monmouth Musing’s follow-up article, “…Java is the gift that just keeps on giving.”
Homeland Security warns Java still poses risks after emergency security fix:
Apparently, Homeland Security (US-CERT) doesn’t feel it’s safe to go back into the water yet.
The revised DHS warning, including statement on the Java emergency patch:
http://www.kb.cert.org/vuls/id/625617
“Solution:
Update to Java 7u11”
“Oracle Security Alert CVE-2013-0422 states that Java 7 Update 11 addresses this (CVE-2013-0422) and an equally severe vulnerability (CVE-2012-3174). Immunity has indicated that only the reflection vulnerability has been fixed. Java 7u11 sets the default Java security settings to “High” so that users will be prompted before running unsigned or self-signed Java applets.”
“Unless it is absolutely necessary to run Java in web browsers, disable it as described below, even after updating to 7u11. This will help mitigate other Java vulnerabilities that may be discovered in the future.”
Also see http://www.zdnet.com/homeland-security-warns-java-still-poses-risks-after-security-fix-7000009785/
[…] are referring to is one drawn on paper for rock, paper, and scissors. 2. If you serf the internet, you are at risk for identity theft. 3. Avoid using the words like cloud, flu, pork, or water on the internet. Don’t you just feel […]
[…] are referring to is one drawn on paper for rock, paper, and scissors. 2. If you serf the internet, you are at risk for identity theft. 3. Avoid using the words like cloud, flu, pork, or water on the internet. Don’t you just feel […]