Do you have Java turned on in your web browser? If your answer is “Yes” or “I’m not sure” then it’s time to take action to find out. Why? The biggest threat to your computer systems in 2013 (and beyond) is no longer Microsoft Windows - it is Oracle Java.
After 20+ years as the poster child for insecure software, Microsoft’s newest operating systems (Windows 7 and 8) have gotten their act together. Cybercriminals like to get the greatest bang for their buck and therefore they’re attacking the Java platform because of its huge market share and because it’s an easier platform to hack than the Microsoft operating system.
Java is now installed in over 1.1 billion desktops and 3 billion mobile phones. That’s a big target that is very attractive to hackers. Hackers also love that Java is multi-platform, which means it’s capable of corrupting PCs running Windows, Mac OS X or Linux. And since many Mac users don’t have anti-virus, hackers were able to infect over 600,000 Macs with serious malware via the Java software installed on their machines.
Right now, cybercriminals are aware and exploiting any security flaws in Java that could lead to infections on your computer. There are even automated kits now available to capitalize on any security hole found within days, if not hours of them becoming known. It’s not unusual to see hackers use Java as a first attack to weaken the defenses before serving up an Operating System specific attack. Even the Department of Homeland Security suggested that “To defend against future Java vulnerabilities, their users should consider disabling Java in web browsers.”
Here are 3 steps you can take today to minimize your risk:
- Disable or uninstall Java wherever you can. If you don’t need it, remove it.
- Where Java is necessary, use a separate web browser only used for Java based websites and be sure to patch Java regularly.
- Have your staff report the first signs of slowness, possible infections and web browser pop-ups to your IT guy as soon as they happen.