Java Might Be Bad For Your Computer – Hackers exploit hole in Java security

August 31, 2012 at 6:19 pm 4 comments

This week, experts around the world have detected a nasty piece of virus that can use your internet browser to take control of PCs, Macs, and Linux. The bad thing about this virus can gets to a computer through a legitimate software update and your anti-virus or internet security software may not detect it.

Without being too geeky, I’ll tell you a little about what this is, what you can do to keep it from infecting  your computer and how to tell if  your computer may be a risk.

You might have seen this symbol  pop up in the lower left corner of your PC asking to install Java updatesJava Update Notice. Normally, keeping all of your software updates up to date is a good thing. But not in this case. You see, the latest update from Oracle, the makers of Java has a big flaw that allows those bad hackers to slip in a “trojan” virus (yup, just like the story of the Trojan Horse) named Poison Ivy. This virus — along with others packaged in a “hacker’s toolkit” called Blackhole will then use your internet browser (IE, Safari, Chrome, Firefox, and Opera, to name a few) to enter your computer (Macs too) and allow the hacker to control your computer remotely. Oracle was told back in April about this bug, but has yet to fix it.  UPDATE: Oracle has just released today an update to fix this! See the next section to find out more.)

How to know if you browser (or browsers) may be open to an attack

The versions of Java with the security are versions 1.7 for Windows, and versions 1.6 for Mac. The security company ZScaler, has a page for you to check to see if your browser may be at risk to the Java security hole. Just open the browser you want to check and go to It will tell you if you have Java installed for that browser and if it is whether you are vulnerable to not.

What you can do if your Java is found vulnerable

You have three choices. I prefer number 3.

1) Update your Java to the new fixed version. If you really need to have Java running on your computer, use this method to get the latest update.

  • Go to Click the Free Java Download button.
  • Click the Agree & Start Free Download button. Above the button it should say it’s Java Version 7 Update 7 (if you’re on a PC) or Java Version 6 Update 35 (if you’re on a Mac).
  • Save and/or Run the installation file.
  • Uncheck the “Install the Ask Toolbar & make Ask my default search provider” (I hate these things). Click “Next”.
  • After you get the message “You have successfully installed Java”, close all of your browsers.
  • Go back to the ZScaler link from my last section and verify your Java is safe.

2) Uninstall all versions of Java in the computer.

  • For PCs, that’s going to the Control Panel, select Programs & Features (Vista, Win 7) or Add or Remove Programs (XP). Uninstall all versions of “J2SE Runtime”, “Java 2 Runtime”, or “Java” (there can be multiple versions–Java doesn’t clean up after itself when it updates).
  • For Macs there isn’t an easy way to remove Java once it’s installed. Unless you can find a Friendly Neighborhood Geek who knows Unix commands, you might want to upgrade to OS X 10.7 since it does not use Java.

3) Remove/Disable the Java plug-ins from your browser(s).  This is my choice. It is a little more work because if you have different internet browsers on your computer (like me) you’ll have to do this for each browser.

IE 6 & 7:

  • Go either to the Tools menu or the Tools Sprocket icon.
  • Select Manage Add-ons.
  • Select Enable or Disable Add-ons.
IE 6 & 7

IE 6 & 7

  • In the Show pull-down, select “Add-ons that have been used by Internet Explorer”.
  • Click every Java plug-in and Disable each one.
IE 6 & 7 b

IE 6 & 7

  • Click OK to complete.
  • Go back to the ZScaler link in my last section and verify your computer is safe.

IE 8 & 9:

  • Just like IE 8, find the Sprocket icon.
  • Select Manage add-ons.
IE8 & 9

IE8 & 9

  • In the Show pull-down, select “All add-ons”.
  • Click every Java plug-in and Disable each one.

IE 9 Plug-ins

  • Click Close.
  • Go back to the ZScaler link in my last section and verify your computer is safe.


  • Go either to the Tools menu or the Tools Sprocket icon.
  • Select Manage Add-ons.


  • Click every Java plug-in and Disable each one.

  • Click Close.
  • Go back to the ZScaler link in my last section and verify your computer is safe.


This browser is the hardest on to remove plug-ins from.

  • Go to the wrench icon.
  • Click Settings.

Google Chrome browser

  • Scroll to the bottom of the Settings page.
  • Click Show advanced settings…

Google Chrome, Settings page

  • In the Plug-ins section, select Disable individual plug-ins…

Google Chrome Plug-ins section

  • Click every Java plug-in and Disable each one.

Google Chrome, disabling Plug-ins

  • Click Close.
  • Go back to the ZScaler link in my last section and verify your computer is safe.

Some FAQs (Frequently Asked Questions):

  • “If I disable Java on my browsers, will I no longer be able to surf the Internet?”   You will still be able to use the Internet.  Most sites don’t rely on having Java installed, but for those few that do, you can manually have Java run temporarily to view the web page you want to read.
  • “Hey CC, I got the greatest whiz-bang internet security software on my computer you can get. Will it protect me?”   Not likely. Less than half of the major anti-virus security software will be able to detect if your computer’s about to be attacked through Java.
  • “What about iPad tablets? Are they safe?”   iPads (and iPhones) don’t use Java, so they’re safe from this exploit. I guess Steve Jobs was right on the money when he said “Java’s not worth building in. Nobody uses Java anymore.”
  • “Hey, don’t forget about us Android users! Are we okay?”   Yes, Android tablets & smartphones are safe because they don’t use Java either. ‘Droids and ‘Pads don’t use the same operating system computers use, so they tend not to get the same problems computers get–and vica versa.

They say coffee can be bad for humans. Now it seems Java is now bad for computers too.

–The Computer Cat


Entry filed under: blog, computer help, grandparents, laptop, newbie, newbies, seniors, Technology, virus alert. Tags: , , , , , , , , , , , , , , , , .

Does your Mouse have a Mind of it’s Own? New Attack on IE Browser Users

4 Comments Add your own

  • 1. New Attack on IE Browser Users « The Computer Cat's Corner  |  September 19, 2012 at 10:30 pm

    […] the things it can allow is a way to control a PC over the Internet (Remember my last blog,  about Java Might Be Bad For You Computer? They’re using those same […]


  • 2. Catherine  |  October 9, 2012 at 5:37 am

    Why users still use to read news papers when in
    this technological world the whole thing is available on web?


  • 3. Webmaster Info  |  March 8, 2013 at 4:11 am

    Remarkable! Its in fact remarkable article, I have got much clear idea on the topic of from this


    • 4. Computer Cat  |  March 12, 2013 at 10:20 pm

      Meow & Thank you for the nice “sardine”, Webmaster Info!



Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Trackback this post  |  Subscribe to the comments via RSS Feed

Follow The Computer Cat's Corner on

My Fishing Calendar

August 2012
« Jul   Sep »

Enter your email address for a a free Subscription and receive nifty notifications of my new posts by email!

Join 123 other followers

Computer Cats o’ th’ Day

Satisfied Buster. Inglewood, CA

A very satisfied Buster. Inglewood, CA

Sam Has Eyebrows

What, me worry? (Yup.) Sam the Worried Cat

The Real Computer Cat

Patches applying a software patch. Costa Mesa, CA



I'm a little kitty. I try to help Humans who need computer help with my little blog. It's called "The Computer Cat's Corner" on

Personal Links

View Full Profile →

%d bloggers like this: