Estimated read time: 1-2 minutes
This archived news story is available only for your personal, non-commercial use. Information in the story may be outdated or superseded by additional information. Reading or replaying the story in its archived form does not constitute a republication of the story.
WASHINGTON (AP) - An emergency Java update has been released to patch multiple security flaws in the program, but security experts say the action by Oracle is not enough.
The new fix sets Java's default security level from medium to high, preventing computers from automatically running Java applets from unknown users — as would be the case with hackers.
The U.S. Computer Emergency Readiness Team, a division of the Department of Homeland Security, advised users Monday that the update was not complete.
- Type "chrome://plugins" into address bar. Find "Java" and click "disable."
- Go to "Tools," click "Add-ons" and then "Plug-ins" on the left.
- Select "Java (TM) Platform ..." from the list on the right.
- Click "Preferences" in the Safari menu. Click "Security," uncheck "Enable Java."
- Click "Tools," then "Manage Add-ons." In the dropbox below "Show," select "All Add-ons."
- Under the category "Group," select "Oracle America, Inc." Select all, click disable.
"Unless it is absolutely necessary to run Java in web browsers, disable it, even after updating to (version) 7u11," CERT said in a release.
The Department of Homeland Security advised people on Thursday to temporarily disable the Java software on their computers to avoid potential hacking attacks.
In a statement Saturday, the company said it was "aware of a flaw in Java software integrated with web browsers."
The glitch is only in the JDK7 version of the software, and it "does not affect Java applications directly installed and running on servers, desktops, laptops and other devices," the company said.
Experts believe hackers have found a flaw in Java's coding that creates an opening for criminal activity and other high-tech mischief.
Java is a widely used technical language that allows computer programmers to write a wide variety of Internet applications and other software programs that can run on just about any computer's operating system.
Oracle Corp. bought Java as part of a $7.3 billion acquisition of the software's creator, Sun Microsystems, in 2010.
Contributing: Associated Press
