- Target Will Match Amazon Prices on the Spot!Here is How to Get that Amazon Price at Target - 8/8/2018
- Washington Post Columnist Suzi Parker Erroneously Reports Satirical Story About Sarah Palin Taking Host Position with Al Jazeera - 12/10/2016
- Android People App on Google 4.2 Operating System Jelly Bean Omits Entire Month of December from Calendar - 12/10/2016
The U.S. Department of Homeland Security alerted users of Java to a serious and urgent security risk, recommending that users disable Java until a suitable fix has been released. In the statement, the United States Computer Emergency Readiness Team (US-CERT), the branch of the federal government that manages computer security risks, warned that any system using Oracle Java 7 (1.7, 1.7.0) including Java Platform Standard Edition 7 (Java SE 7), Java SE Development Kit (JDK 7) and Java SE Runtime Environment (JRE 7) are at risk.
The Feds said that all versions of Java 7 through update 10 are affected, and even web browsers using the Java 7 plug-in are at serious risk.
According to the US-CERT, “A vulnerability in the Java Security Manager allows a Java applet to grant itself permission to execute arbitrary code. An attacker could use social engineering techniques to entice a user to visit a link to a website hosting a malicious Java applet. An attacker could also compromise a legitimate web site and upload a malicious Java applet (a “drive-by download” attack).”
With this flaw, hackers are able to use Java to install malicious software, which will in turn allow them to turn computers into part of an ad-hoc network to be used for cyber attacks, as well as making the computers vulnerable to websites that are virus infected, identity theft and “ransomeware,” where the computer is locked and not unlocked until the user pays money to the hackers.
security experts were the first to break this news, with the US – CERT formally announcing it later in the day. Java is a highly-used program that enables an array of different software programs to run on various computers and websites.
Oracle issued a statement promising a patch on Tuesday, promising that it will contain “86 new security vulnerability fixes.” They went on to say that, “due to the threat posed by a successful attack, Oracle strongly recommends” that customers update Java on their computers with the patch as soon as possible.” As a reminder, until that patch comes out, the Department of Homeland Security strongly advises users to disable Java all together.