1. Skip to navigation
  2. Skip to content
  3. Skip to sidebar
ConsumerAffairs
Write a ReviewWrite a Review

PhotoJava software, a key tool installed on most personal computers, is vulnerable to attack and should be shut down or removed, the U.S. Department of Homeland Security is warning.

Hundreds of millions of users are at risk of having their computers infected with malware that could result in identity theft or worse.

What's worse than identity theft? Well, your computer could be taken over by hackers and used to stage botnet attacks on innocent business or government networks in what are called denial-of-service attacks.

The threat applies to Windows, Apple and Linux operating systems.

"We are currently unaware of a practical solution to this problem," said the DHS' Computer Emergency Readiness Team (CERT).  "This vulnerability is being attacked in the wild, and is reported to be incorporated into exploit kits. Exploit code for this vulnerability is also publicly available."

Oracle Systems, which maintains Java, has yet to come up with a response to the problem.

For most computer users, uninstalling or disabling Java is relatively simple but will affect certain Web browser functions that will make some sites respond slowly, or not all.

You can find a guide to uninstalling Java here.

Share your Comments

Please enable javascript to comment on this page
John Griffith
Does this threat apply to javascript, as well?
John Griffith
Does this threat apply to javascript, as well?
Donald Benard
FYI I took this off my computer.
Donald Benard
FYI I took this off my computer.
Eric Schneck
Good to see Homeland Security actually doing something for a change.. hunting down those rogue Java pirates! *snort*
Diane Johnson McCarter
What are you supposed to use, if you disable Java, you can't type on any internet site, ie: facebook?
Diane Johnson McCarter
What are you supposed to use, if you disable Java, you can't type on any internet site, ie: facebook?
Ellen Shaw Maceko
I removed Java. What exactly is Java for?
Ellen Shaw Maceko
I removed Java. What exactly is Java for?
Sherrie Moore
I did some checking and apparently Mac has taken steps to counter this and protect it's users, same for Mozilla, for PC users. Just delete the 'new update available' notice, although it may still be a problem with browsers other than Mozilla. This is why I don't set my computer to 'Download all updates automatically'. I got a 'Java update available' notice this morning and minimized it because I was doing something else, but immediately after, I got a Norton 'security issue' notice.
Pauline White
I noticed this morning, I had a "download" for Java. I was too busy to fool with it right then, so I minimized...then I read this. Since I play online games, I'm not removing it from my computer, but am going to be way more careful. I don't do automatic updates either, that's how I caught this one... leaving it as it is... and it's not just for online games, chatting, but many other things we're totally unaware of.
Alice Owens Huggins
I cannot find Java..where is it. I looked under my Control panel and see nothing about Java.
Alice Owens Huggins
I cannot find Java....looked in my Control Panel, but nothing. Where do I disable Java?
Alice Owens Huggins
I cannot find Java....looked in my Control Panel, but nothing. Where do I disable Java?
Kelly Zachary
Here's the low down...it's a bad bug, but it only affects Java 7. To disconnect, go into control panel and click on Java Control and then disconnect, but only if you're running Java 7. This comes from Ron, and he works for Homeland Security. Let me know if anyone has a problem.
Kelly Zachary
Here's the low down...it's a bad bug, but it only affects Java 7. To disconnect, go into control panel and click on Java Control and then disconnect, but only if you're running Java 7. This comes from Ron, and he works for Homeland Security. Let me know if anyone has a problem.
Kelly Zachary
For those of you who know more than I do about computers, it's a new zero day attack. Good luck.
Kelly Zachary
For those of you who know more than I do about computers, it's a new zero day attack. Good luck.
Kelly Zachary
Alice, check and mark sure you don't have Java 7. If you don't, then you are golden! Ron has Java 6, so you are probably safe. I love you!
Kelly Zachary
Alice, check and mark sure you don't have Java 7. If you don't, then you are golden! Ron has Java 6, so you are probably safe. I love you!
Cori Crosby
other than uninstalling Java 7 do we need to uninstall Java 6 also?
Sue Sorensen
Apparently there was a fix released Jan. 14.
Sue Sorensen
Apparently there was a fix released Jan. 14.
Quantcast