Oracle was supposed to release their February security update to Java this coming February 19 but the urgency of the situation made them push this way ahead of schedule. The latest patch called Java 7 Update 13 addresses 50 security flaws of which 44 are related to the Java Runtime Environment of web browsers.
To check if your computer has the latest security patch just got to your control panel and click on the Java icon. A window will pop-up with various tabs on top, click on the one that says update. On the update tab you will see an update now button on the lower right side which you only have to click. Everything is automatic from there on.
Computers who are not updated with this latest security patch run the risk of getting easily accessed by hackers who will be able to remotely execute a code on your machine to redirect it to malicious websites.
According to Eric Maurice, director for Oracle’s Software Security Assurance, “The popularity of the Java Runtime Environment in desktop browsers, and the fact that Java in browsers is OS-independent, makes Java an attractive target for malicious hackers.”
The U.S. Department of Homeland Security warned the public last month on the danger of using Java and strongly advised that the web plug-in be disabled immediately. Oracle immediately released the Java 7 Update 11 last January 13 to fix the security issues but this was still not enough as gaping holes to the security were still present.
Aside from the security patches the default security setting for Java is now set to high. This makes any Java activity more transparent to the user as Java applets that may run in browsers will no longer be hidden.
Oracle needs to beef up the security of Java as hackers are finding creative ways to attack it. Unless you it’s really important for you to use Java the best course of action to do right now is to disable it as advised by the Department of Homeland Security.