IT Services Alerts - Important IT security alert: Patch for Java 7 vulnerability
Updated: Tuesday, 4th September 2012, 4pm
Security Alert: Java Vulnerability
A new vulnerability has been found in Java software which may be installed on your computer. This issue affects all versions of Oracle’s Java 7 on all supported operating systems.
How could this affect me?
In order for this vulnerability to be exploited, you would have to visit a web page or follow a link to an infected site. If you did this and your computer was exploited, access to your computer and data could be given to malicious users on the internet.
Is my computer vulnerable?
You can check if you have the vulnerable software by following this link: www.isjavaexploitable.com
What should I do?
A security update has been released to fix this issue. IS Services recommend that all affected College users install this update as soon as possible.
How do I install the update?
Installing the Java Security Update on Windows & Linux operating systems
- Go to www.java.com
- Click on the "Do I have Java?" link.
- Click on the "Verify Java Version" button.
- If your Java version requires an update you will get a page that states “ A newer version of Java is available”
- Click on the "Download Java Now" button. On the next page, click the "Agree and Start Free Download" button.
- Click Run.
- Follow the on-screen instructions to complete the installation
Installing the Java Security update on Mac OS X
1. First Determine the version of OS X you are running
Users can determine the version of OS X that their system is running by selecting "About this Mac" from the Apple menu at top left of the screen.
2. Update Java on systems running 10.6.8 +
Click on “Software Update” from the Apple menu at the top left of the screen. The update will be called "Java for Mac OS X 10.6 Update 8" for 10.6 users and "Java for OS X Lion 2012-003" for 10.7 users.
- The 10.6 version can be downloaded directly here: Java for Mac OS X 10.6 Update 8
- The 10.7 version can be downloaded directly here: Java Security Update 2012-003
3. Disable Java on Systems Running Mac OS prior to 10.6
For systems running a version of the Mac OS prior to Mac OS X 10.6 no security update is available, to protect your computer from this vulnerability you should disable Java at the browser level. Follow the steps below to disable Java in your browser:
- Select "Preferences" from the Safari menu at the top left of the screen and go to the "Security" tab.
- Uncheck "Enable Java".
- Select "Add-ons" from the Tools menu at the top of the screen and go to the "Plug-in’s" tab.
- Disable all Java Plug-in’s listed.
- Type "chrome://plugins" in Chrome's address bar.
- Click the "disable" link below any java plug-in listed.