Ditching Java might be a good move
Posted on 22 December 2011.
As unpatched Java vulnerabilities are frequently taken advantage by exploit kits and users often forget to update Java, F-Secure's Mikko Hypponen says that maybe it's time to consider doing without it.


"Do not confuse Java with JavaScript: it's hard to use the web without JavaScript. But JavaScript has nothing to do with Java," he explains, and shows that the popular BlackHole exploit kit has extreme success in exploiting a recently discovered Java Rhino vulnerability.

The problem with Java is that it has to be regularly updated, but many, many users aren't even aware of its existence on their computers. Also, until very recently, new versions of Java didn't automatically uninstall the old ones, which can be still found on systems and taken advantage of.

All in all, you might need Java for only a handful of pages or web applications you usually visit or use, so Hypponen advises leaving Java on your system but removing the Java plugin from the browser you use every day, then using another browser for only these sites and services.

He also points out that a move to Chrome should be considered, as Google's browser does not only block many Java exploits, but also doesn't use an Adobe Reader plugin to render PDF files and has a good sandboxing feature.






Spotlight

How safe are Android-based children’s tablets?

Looking for an Android-based tablet for your child but don't know which one to choose? If you are concerned about the device's protection against random hackers, Bluebox Security has just released a review of the nine most popular Android tablet models aimed specifically at children.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  
DON'T
MISS

Thu, Feb 26th
    COPYRIGHT 1998-2015 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //