This notice is not related to diabetes or TuDiabetes, specifically, but is an important security warning for any of our members and visitors who use PCs. Please continue reading.
The Department of Homeland Security is urging computer users to disable or uninstall the Java programming language because of a serious security vulnerability.
The flaw in Java 7 "can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system," according to a warning posted Thursday by the U.S. Computer Emergency Response Team (CERT).
Hundreds of millions of consumers and businesses may be affected.
Hackers could exploit the flaw to install malicious software or malware that could make users vulnerable to identity theft or allow their computers to be exploited by "botnets" that could crash networks or be used to attack web sites.
"Note that applications that use the Internet Explorer web content rendering components, such as Microsoft Office or Windows Desktop Search, may also be used as an attack vector for this vulnerability," the warning adds.
DHS said it is "currently unaware of a practical solution to this problem."
Java was developed by Sun Microsystems, which Oracle bought in 2010. There's no indication when a security patch might be available, and Oracle had no comment Friday night, Reuters said.
Java allows programmers to write software using a single set of code that will run on almost any computer.
MacRumors reports that Apple has already disabled the Java 7 plug-in installed on Macs.
Homeland Security??? The internet is filled with warnings. (and with urban legends) If this were really a Homeland Security issue wouldn't it be on the news?
It would help if I understood word 1 of the above copied info.
Emily , this notice is confusing for me ; I use CareLink , Medtronic for my pump uploads . I have not been able yet , when I upload my Veo pump to check if Java 7 is what is being used .
Would you recommend I connect with Medtronic Canada before the next upload ??? Thanks, N
I think it may be for real as this link explains. Sydney Morning Herals is one of our most respected newspapers:
It's real, or everyone has been fooled. Reuters is widely respected enough. http://uk.reuters.com/article/2013/01/11/us-java-security-idUKBRE90...
Not a good ad for Oracle either.
Open your browser. Go to settings of Add-ons or Plug-ins. In this list you will find the Add-on called "Java(TM) Platform ...". Please disable this Plug-In so that the Browser is not using it anymore. After that the browser needs to be restarted. If you do not find these settings in your browser then switch to a browser like FireFox.
You can check the status of your Java Add-in by following this link and clicking on "check java version". The check should fail to detect Java.
Java has a zero-day exploit. This means a bug has been found that is ALREADY being used to hack computers. After the problem has been fixed by Oracle the Java Add-on can be enabled again. Of course this is interesting for homeland security. Our BSI in Germany has issued the same warning.
Here is the english page to check the installed java version.
Thank you, Holger; some of us need explicit directions like this rather than complex techie talk! I guess if you guys all think it's something serious I'll pay attention. I think I better e-mail my college tech support though to see if Java impacts my courses which open Tuesday.
I was unable to find anything like settings and add-ons so I went to the "check java version" and it said "no java installed" so I'm good. Thanks Holger.
I think I was able with the help of your instructions Holger to enable ?? ...Thank You !! I kept this link on file
You mean disable, right? The idea is to disable the Java add-on so the browser can not use it until it has been fixed. This means the check on the page should tell you that Java is disabled / not running.
shows you Holger , that I don't even know the lingo : disable it is ..thanks again . As a follow up , I plan to call Medtronic Canada tomorrow as well
Actually, I think a "zero day exploit" means that the vulnerability is now previously known and that victims are caught unaware and without defense. If the world becomes aware, then it is no longer zero day.