I saw on TV today (jan 11, 2013), that there is a major Java exploit, and it recommended that all java be uninstalled. I am running ubuntu 11.10, should I disable all Java, and what is the best way to do this ??? Thanks !!!

If you're using Firefox or Seamonkey, select Tools, Add-ons, Add-ons Manager. Click the tab that says "Disable."

Also, read the US-CERT notice at http://www.kb.cert.org/vuls/id/625617. There are links describing how to disable Java on other browsers.

If you're not running Java 7 update 10, it's recommended that you get that (either JDK or JRE), but still disable it (there is no fix known as of now).

If you have any Java applications, you do not want to uninstall Java.

Hope this helps some.

1 members found this post helpful.

One note, majority of those exploits target Java plugin on the web browser. If you have Tomcat running on the server, then that is not a problem.

Is java 7 safe or not ?? Thanks, Rich...

The browser plugin is not safe; Java itself is pretty much OK for Java applications (those that are not Internet- or browser-based (that pesky plugin).

Best bet? Go read the US-CERT notice (http://www.kb.cert.org/vuls/id/625617) and decide for yourself, eh.

If you're using Firefox or Seamonkey, you want to disable the Java plugin; you do that from Tools, Add-ons, Plugins and click tab next to Java Plugin to disable it.

You can also refer to these addresses (copy-paste into your browser):

* Vulnerability Note VU#625617
<http://www.kb.cert.org/vuls/id/625617>

* Setting the Security Level of the Java Client
<http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/client-security.html>

* The Security Manager
<http://docs.oracle.com/javase/tutorial/essential/environment/security.html>

* How to disable the Java web plug-in in Safari
<https://support.apple.com/kb/HT5241>

* How to turn off Java applets
<https://support.mozilla.org/en-US/kb/How%20to%20turn%20off%20Java%20applets>

* NoScript
<http://noscript.net/>

* Securing Your Web Browser
<https://www.us-cert.gov/reading_room/securing_browser/#Safari>

* Vulnerability Note VU#636312
<http://www.kb.cert.org/vuls/id/636312#solution>

Hope this helps some.

1 members found this post helpful.