Security alert: Remove Java from your browsers

Woody Leonhard

With nearly every news outlet — along with the U.S. Department of Homeland Security — calling for its removal from PCs, who wouldn’t worry about running Java on their computer?

Fortunately, there are steps every Windows user can take to lessen the chances of being bitten by a Java exploit.

Why everyone should be concerned about Java

In the computing world, Java is very nearly ubiquitous. As noted on Oracle’s Java FAQ site, it runs on lots of PCs, but it also runs on “billions of devices worldwide, including mobile and TV devices.” Java is not JavaScript, as Susan Bradley notes in her companion piece, “Java: More than the usual cup of coding coffee,” about what Java is and isn’t.

In this article, I focus on one task — disabling Java in your Web browser(s). It’s the most effective way to protect yourself from most Java-based threats. Yes, some PC users still need Java in their browsers to work with specific websites. But most of us have little to lose and much security to gain by keeping our browsers Java-free. (And yes, Mac users should block Java, too.) Java in browsers has been a malware magnet for years — it’s unlikely that fact will change anytime soon.

I’m not going to review the most recent round of Java exploits, their patches, or new exploits built onto the backs of Java fixes. Java updates are routinely covered in the twice-monthly Patch Watch column. Brian Krebs has an interesting Krebs on Security post detailing the latest war between Java security and hackers.

Scorched earth: Remove Java from all browsers

These days, it’s common for PC users to use multiple browsers. Most versions of Windows have Internet Explorer installed, and many — if not most — PC users are running Firefox or Chrome — or both. On any PC with multiple browsers, the most effective security policy is to disable Java in all browsers; then see what, if anything, breaks. Most likely, you’ll never miss it.

Websites requiring Java are on the decline, but if you hit one, you can just move on to a different site. On the other hand, if your bank, brokerage company, or some other critical site requires Java, then you need to limit your Java exposure. (I’ve been running Java-free for about six months now, and I haven’t missed it one bit.)



This article is part of our premium content. Join Now.

Already a paid subscriber? Click here to login.



Get our unique weekly Newsletter with tips and techniques, how to's and critical updates on Windows 10, Windows 8, Windows 7, Firefox, Internet Explorer, Google, etc. Join our 460,000 subscribers!

Enter your email above to receive messages about offerings by Penton, its brands, affiliates and/or third-party partners, consistent with Penton's Privacy Policy.
The Windows 7, Vol 3 (Excerpt)

Subscribe and get our monthly bonuses - free!

The Windows 7 Guide, Volume 3: Advanced maintenance and troubleshooting provides advanced tools for keeping Microsoft's premier operating system up and running smoothly. Get this excerpt and other 4 bonuses if you subscribe FREE now!

= Paid content

All Windows Secrets articles posted on 2013-01-24:

Woody Leonhard

About Woody Leonhard

Woody Leonhard is a Windows Secrets senior editor and a senior contributing editor at InfoWorld. His latest book, the comprehensive 1,080-page Windows 8 All-In-One For Dummies, delves into all the Win8 nooks and crannies. His many writings tell it like it is — whether Microsoft likes it or not.