With the announcement today of yet another vulnerability in Java by threatpost.com , this one affecting a potential 1.1 BILLION desktops, I feel the need to just bin Java completely.
The chances are that you do not need it anyway, so just get rid! If you do need it then you will be prompted by the program or website that needs it and you can make a decision at that time whether or not you feel safe reinstalling the little beastie or whether you would rather find some alternate program or website that doesn’t use Java.
Needless to say that it helps with security if you have the latest versions of your Operating System, your browsers and all your programs. Security exploits are patched and hopefully removed when these are updated, so please, please keep everything up to date. If you haven’t then now is the time to do it.
Now that you are up to date with everything, if like me you want to get rid of Java then here is how you do it.
If you have Windows 7 or Vista:
Click Start
Click Control Panel
Click Programs
Click Programs and features
Select the Java program icon and then click the Uninstall button.
If you have Windows XP:
Click Start
Click Control Panel
Double click Add or Remove Programs
Select the Java program icon and then click the Remove button
Now make sure that there aren’t more versions of Java installed and if there are then just repeat the steps untill you have removed them all.
Now you should also check your browser(s) to be sure that you do not have Java plugins or extensions installed.
For this you can simply go to the following website
http://javatester.org/enabled.html
Visit this site from each of your browsers to see if they have a Java applet running.
What you want to see is on the line marked LIVE and then in a text box the words “This browser can NOT run Java applets.”
Do NOT install any plugins if your browser tells you that it needs them, this would defeat the purpose and actually install a Java applet.
If you see anything other than “This browser can NOT run Java applets.” then you need to do further investigations into your browser add-ons.
For Internet Explorer:
In the Menu bar, click Tools
Click Manage Add-ons
Under Add-on Types click Toolbars and Extensions
Under Show:
Select the drop down for All add-ons
Select any Java related items and click the Disable button
Close the window and reload your browser.
For Mozilla Firefox:
In the Menu bar, click Tools
Click Add-ons
Click Extensions
Select any Java related items and click the Disable button
Click Plugins
Select any Java related items and click the Disable button
Close the window and reload your browser.
For Google Chrome:
Click on the Customize and control Google Chrome button (3 horizontal bars)
Click Settings
Click Show advanced settings…
Under Privacy click on the Content settings… button
Under the JavaScript heading select the Do not allow any site to run JavaScript radio button
Click on the Manage execptions… button and make sure there are no entries in there
Click OK
Close the window and reload your browser.
Now you may think that you are done, but no. Not quite yet.
Do you use Adobe Reader to view PDF files?
If so then you need to check some settings there as well.
(When you checked all your programs for updates, you did update Adobe Reader right? OK then.)
Open Adobe Reader
Click Edit
Click Preferences…
Click JavaScript
Make sure that the check box by Enable Acrobat JavaScript is clear
Now click Trust Manager
Make sure that the checkbox by Allow opening of non-PDF file attachments with external applications is clear
Click OK
Close Adobe Reader
Whew! Finally you should re-check your browser(s) by visiting http://javatester.org/enabled.html and make sure that your browser can NOT run Java applets.
Now we can wait for the next batch of vulnerabilities to be exposed.
Welcome to the modern World of computers!!!
Leave a Reply
You must be logged in to post a comment.