odigg
500+ Head-Fier
- Joined
- Apr 1, 2008
- Posts
- 868
- Likes
- 26
Hi Everybody,
I thought I'd post a general note telling people to uninstall Java and the Java Runtime Environment (JRE) if you do not use it on your computer. Java seems to be installed on a lot of computers even when it doesn't need to be.
Why uninstall it? Java seems to have a lot of security holes and there are a number of exploits out there right now. It's easy to get a virus/trojan/malware without even realizing it.
I'll provide an example. I'm fairly competent with computers and computer security. My home computer has security software and I typically run my primary browser (Firefox) in a sandbox (via Sandboxie).
I occasionally use Opera. This morning I fired up Opera and went to a very popular computer hardware forum. A few seconds after the page loaded Java started up (as indicated in the system tray) and my security software stated it had found 2 infected files. A few seconds later the trojan had taken over, before my security software could clean it. The security software was then shut down, task manager was disabled, etc. I had to reboot into safe mode to deal with it.
I had not seen any prompts to run the trojan. This software had used a Java exploit to bypass all the security protections, including the operating system prompting me to allow/prevent this program from running.
This is not just a Windows problem. Java runs on OSX and Linux as well and has exploits on every operating system. The Java issues are beyond operating systems and web browsers. You can keep your Java updated (as I did) but that won't solve all the problems. If you don't need Java uninstall it and you won't have to worry about Java exploits.
I thought I'd post a general note telling people to uninstall Java and the Java Runtime Environment (JRE) if you do not use it on your computer. Java seems to be installed on a lot of computers even when it doesn't need to be.
Why uninstall it? Java seems to have a lot of security holes and there are a number of exploits out there right now. It's easy to get a virus/trojan/malware without even realizing it.
I'll provide an example. I'm fairly competent with computers and computer security. My home computer has security software and I typically run my primary browser (Firefox) in a sandbox (via Sandboxie).
I occasionally use Opera. This morning I fired up Opera and went to a very popular computer hardware forum. A few seconds after the page loaded Java started up (as indicated in the system tray) and my security software stated it had found 2 infected files. A few seconds later the trojan had taken over, before my security software could clean it. The security software was then shut down, task manager was disabled, etc. I had to reboot into safe mode to deal with it.
I had not seen any prompts to run the trojan. This software had used a Java exploit to bypass all the security protections, including the operating system prompting me to allow/prevent this program from running.
This is not just a Windows problem. Java runs on OSX and Linux as well and has exploits on every operating system. The Java issues are beyond operating systems and web browsers. You can keep your Java updated (as I did) but that won't solve all the problems. If you don't need Java uninstall it and you won't have to worry about Java exploits.
