Java has faced significant challenges over the past year, as numerous vulnerabilities have been uncovered. These discoveries suggest that Java’s security may not be as robust as Oracle had initially expected. Consequently, Java has become a prominent target for cyber attacks. In light of these concerns, there is a growing debate among security experts about the wisdom of average computer users retaining Java on their systems. I concur with this perspective, as the risks associated with Java’s security vulnerabilities are increasingly apparent.
In the security community, we have a concept known as “attack surface”. Your attack surface is any area of your system that could potentially be exploited by an attacker to compromise your system security. Obviously, the smaller your attack surface, the less opportunity there is for an attacker to exploit your computer. The great thing about Java is that it runs on a wide variety of computing platforms, making it possible for Java applications to run anywhere Java can be installed. The terrible thing about Java is that it runs on a wide variety of computing platforms, making it possible for Java vulnerabilities to run almost everywhere. This makes Java an ideal target for malware authors. And because Java installs its browser plugin by default, the only action a user needs to take to risk having their system infected is to visit a malicious or infected website. This is true even with fully up to date web browsers. That’s bad. Really bad.
Unless you absolutely need to have Java installed, it’s time to ditch it. To uninstall Java, open your Control Panel and select “Add or Remove Programs” (if you’re using Windows XP) or “Programs and Features”. Select Java and press “Uninstall”.
If you do need to have Java installed you should at least attempt to disable the Java browser plugin, which is where most Java vulnerabilities are exploited. The official Java website provides a walkthrough of how to disable Java in all major browsers here.
9 Comments
Great write-listing about Java. I have always been a bit nervous, but……………??
I have not deleted it yet because I’d like to know some times Java necessary?
Yes, some programs do require Java. If you don’t want to uninstall Java entirely you can still disable it in your browser by following the instructions here: https://www.java.com/en/download/help/disable_browser.xml
Great info – and to think I nearly deleted the Zookaware newsletter without reading it !!
Thanks. This was helpful. Keep your newsletters useful and informative like this and I won’t unsubscribe!
Years ago I chuckled at the word ZOOKAWARE but decided to try it. Now I bless the day I stumbled on ZOOKAWARE because it outperforms all the other, even more expensive better known, programs on the market that get rave reviews from top rated computer magazines. Performance counts and that’s where ZOOKAWARE wins hands down! Congratulations and thank you for consistently doing a super job. Keep it up.
ZOOKAWARE outperforms all the other programs I’ve tried, even more expensive ones rated as the best by top computer magazines. ZOOKAWARE blows them all into the weeds. Long live ZOOKAWARE.
I had already disabled Java from my Browser, and now I’ve removed it completely from my system ! Thank you for your e-mail and Blog.
I disabled Java and now Facebook will not hardly run at all. My internet was slow before due to an old computer but now it is terrible. Should I enable Java again and how? The control panel doesn’t have an enable button.
Facebook shouldn’t be affected by Java in any way. If you want to try re-enabling Java you can find out how here:
http://java.com/en/download/help/enable_browser.xml
But that probably won’t solve your problem. You’d probably be better off resetting your browser to default settings as a first troubleshooting step.