In this week’s Top Story, “Security alert: Remove Java from your browsers,” Woody Leonhard discusses why and how you should remove Java from your browsers.
From a malware-prevention perspective, the distinction between the two languages is important. It’s Java that we’re regularly updating on our PCs (if we have it installed). But even with the most up-to-date version of Java, we’re still vulnerable to malware attacks, as reported in an ISC Diary blog post.
The ultimate cross-platform application language
Many developers love Java because they can code an application once and run it on a wide variety of platforms. You’ll find Java on Windows, OS X, Linux, and Android devices. According to Oracle, it’s also found on many dedicated devices such as cable boxes, DVD players, and routers — even ATMs and parking meters. (It’s not natively supported in iOS.)
“Code once” doesn’t mean never update. As with browsers and other apps, staying as secure as possible means always updating to the latest Java. If you have a bank or other financial institution that demands a version prior to Java 6, you really need to question that firm’s security stance — as well as its concern for your financial assets. Contact the firm and ask someone why they’re not protecting you as well as they should. Even a Java help page recommends: