New Java zero-day exploit adopted by online criminals
Right now cybercriminals are exploiting a zero-day vulnerability in Java that could lead to your computer becoming infected by malware. Although Oracle has known about the vulnerability since April, the company has only just issued a patch to fix the problem and other vulnerabilities affecting Java 6 and Java 7. That's why you should take action now and deploy the patch to protect yourself against these exploits.
We now know that cybercriminals are currently using an exploit that affects Java 7 running on all browsers and operating systems (Windows, OS X and Linux). Criminals have exploited similar flaws in Java to infect more than 600,000 Macs with the Flashback malware.
We also recommend that you seriously consider disabling Java in your browsers to stay protected against these security holes.
Should I disable Java in my browser?
You can do something right now to stay safe from attackers exploiting Java. Even if you absolutely must use websites that require you to have Java installed, why not disable it in your main browser and have an alternative browser just for visiting that website?
Follow these links below for instructions from our experts at Naked Security, explaining how to disable Java in all of the most popular browsers.
Want to know more?
If you want to learn more technical details, read the analysis of the Java zero-day vulnerability from our SophosLabs experts in the vulnerabilities section of our Threat Center.
Listen to our Naked Security experts Paul Ducklin and Chester Wisniewski discuss all things Java, including risks and rewards, in their latest podcast.
00:16:19 - 31 Aug 2012
Download the podcast
Sophos Techknow - All about Java
Java brings with it some significant risks, yet for many people, it's "just there on my computer." In this episode, Duck and Chet tell you All about Java, and help you to make an informed decision in balancing its risks and rewards at work and at home.
You can learn more about zero-day threat protection by following the link to our security trends article on the topic. And if you prefer some less-technical advice on staying safe when you browse the web, read our whitepaper on the Top 5 Myths of Safe Web Browsing.