PhotoJava software, a key tool installed on most personal computers, is vulnerable to attack and should be shut down or removed, the U.S. Department of Homeland Security is warning.

Hundreds of millions of users are at risk of having their computers infected with malware that could result in identity theft or worse.

What's worse than identity theft? Well, your computer could be taken over by hackers and used to stage botnet attacks on innocent business or government networks in what are called denial-of-service attacks.

The threat applies to Windows, Apple and Linux operating systems.

"We are currently unaware of a practical solution to this problem," said the DHS' Computer Emergency Readiness Team (CERT).  "This vulnerability is being attacked in the wild, and is reported to be incorporated into exploit kits. Exploit code for this vulnerability is also publicly available."

Oracle Systems, which maintains Java, has yet to come up with a response to the problem.

For most computer users, uninstalling or disabling Java is relatively simple but will affect certain Web browser functions that will make some sites respond slowly, or not all.

You can find a guide to uninstalling Java here.

Share your Comments