Homeland Security Warns of Java Vulnerability

By David H. Ringstrom, CPA

Computer security sites across the Internet lit up last week with the news that hackers are actively exploiting vulnerabilities in the ubiquitous Java software that resides on many computers. In a rare move, the United States Computer Emergency Readiness Team (US-CERT) advised all computer users to immediately disable Java within their browsers on any platform, including Windows, Mac, Linux, and Solaris.
 
Hackers are actively exploiting Java to control affected computers, potentially installing malware, attempting identity theft, and other malicious actions. Over the weekend, Oracle released Java 7 Update 11, which reportedly patches this vulnerability. All computer users that have Java installed on their computer should install this patch immediately. Another alternative is to disable Java in all web browsers. US-CERT, sponsored by the US Department of Homeland Security, offers more details and remediation guidance on its website
 
Oracle Java 7 Update 10 and earlier reportedly are being actively exploited by hackers. It's possible that some earlier versions, such as Java 6, aren't affected, but to be safe, all users should immediately disable any version of Java or install Java 7 Update 11. Java 7 Update 10 and later offer a check box to disable Java in web browsers, but earlier versions of Java don't offer this feature.
 
To access Java on a Windows computer, locate the Java icon in the Windows Control Panel. Click the About button on the General tab, as shown in Figure 1, to determine the version of Java you have installed. If it reads Version 7 Update 11, you have the latest version of Java installed. In this case, you may still wish to disable Java. To do so, close the About Java window and click on the Security tab as shown in Figure 2. Deselect the Enable Java Content in the Browser check box and then click OK.
 
Figure 1: Click the About button on the General tab of Java's Control Panel icon to determine your Java version.
 
Figure 2: Java 7 Update 10 and later allow you to disable Java by deselecting a check box.
 
If you don't have Java Version 7 Update 11 or later, click the Update tab, and then the Update Now button as shown in Figure 3, and then follow the onscreen prompts to install the latest version of Java. Once you install this update, the check box shown in Figure 2 may still be missing from the Security tab. If so, close the Java Control Panel and relaunch it by double-clicking on the javacpl.exe file that will likely be found in one of these two locations:
  • C:\Program Files\Java\jre7\bin 
  • C:\Program Files (x86)\Java\jre7\bin
Figure 3: You can download the latest version of Java from within the Java Control Panel.
 
On a Macintosh OS X computer, launch a Finder window, search for Java, double-click on Java Preferences, and then follow the aforementioned instructions.
 
Oracle offers specific guidance on removing Java on its website.
 
Read more articles by David Ringstrom. 
 
About the author:

David H. Ringstrom, CPA heads up Accounting Advisors, Inc., an Atlanta-based software and database consulting firm providing training and consulting services nationwide. Contact David at david@acctadv.com or follow him on Twitter. David speaks at conferences about Microsoft Excel, and presents webcasts for several CPE providers, including AccountingWEB partner CPE Link.

 
 

You may like these other stories...

Event Date: May 29, 2014 In this presentation Excel expert David Ringstrom, CPA brings you up to speed on the Excel feature you should be using, but probably aren't. The Table feature offers the ability to both...
No field likes its buzzwords more than technology, and one of today's leading terms is "the cloud." But it's not just a matter of knowing what's fashionable. Accounting professionals who know how to use...
There is a growing trend of accountants moving away from traditional compliance work to more advisory work. Client demand is there, but it is up to the accountants to capitalize on that. What should accountants' roles be...

Upcoming CPE Webinars

Apr 22
Is everyone at your organization meeting your client service expectations? Let client service expert, Kristen Rampe, CPA help you establish a reputation of top-tier service in every facet of your firm during this one hour webinar.
Apr 24
In this session Excel expert David Ringstrom, CPA introduces you to a powerful but underutilized macro feature in Excel.
Apr 25
This material focuses on the principles of accounting for non-profit organizations' revenues. It will include discussions of revenue recognition for cash and non-cash contributions as well as other revenues commonly received by non-profit organizations.
Apr 30
During the second session of a four-part series on Individual Leadership, the focus will be on time management- a critical success factor for effective leadership. Each person has 24 hours of time to spend each day; the key is making wise investments and knowing what investments yield the greatest return.