java

Oracle's Java has been plagued with vulnerabilities lately. The latest patch announced by Oracle will fix 2 existing vulnerabilities. One  "actively exploited by attackers to maliciously install the McRat executable onto unsuspecting users’ machines," while the other was discovered last week and was used to attack several customers, according to Oracle.

In addition to these fixes several new vulnerabilities have also been discovered. Unfortunately there are no fixes for these yet. However, Oracle claims the first vulnerability discovered by Security Explorations was not in fact a vulnerability. Oracle is still investigating the second potential vulnerability found by Security Explorations.

How can users protect them selves from Java's security holes? The best thing to do is to uninstall Java from your machine. If you must use Java, then install it only on a browser you do not normally use, and make sure it's security settings are high.  Set the settings to alert you when it uses a Java applet.  Additionally, insure that you have the latest updated version of Java.  This approach will help to protect your machine no matter your operating system (Windows, OSX, Linux) and your browser of choice.

Have you suffered from any security related issues using Java?  Do you use Java as part of your site or business? Has the recent security problems with Java given you reason to look for alternative solutions? Tell us about it in the comments.