Java Information

LTS continues to monitor the recent security vulnerabilities discovered in the Java plugin for web browsers.  If you have any questions, please contact the Computing Help Desk.

  • Current Wellesley-supported version: Java 6 Update 45 (Wellesley instructions)
  • Current version available from Oracle: Java 7 Update 21
     
  • January 31st - Apple blocks all versions of the Java plugin on OS X
  • January 26th - Homeland Security recommends disabling Java if not in use

January 31st, 2013
 

Apple has blocked all versions of the Java plugin on OS X via its XProtect system.  Apple has not provided an explanation as to why this block was put in place, but it is likely due to the Department of Homeland Security still recommending users keep Java disabled. 

Information on this new block is available at CNet.


January 26, 2013
 

The United States Computer Emergency Response Team (CERT), a division of Homeland Security, has released an Alert about a severe security vulnerability in Java 7 that is being exploited by malware.

The current version of Java 7, Update 11, has a serious security vulnerability that can allow for malware to be installed on your computer in the background.  This malware can then allow unauthorized control of your computer.  This security vulnerability is being exploited via infected websites on the internet.  For more information about this Java security vulnerability, please see this ZDNet article.

Since only administrative staff typically need Java for day-to-day work, our recommendation is to disable Java.  If you use applications like Banner ERP, Nolij, or the SSL VPN, you will need to keep Java enabled.

If you need to keep Java enabled, we recommend a two browser solution: disable Java in your primary web browser, and enable Java in a secondary web browser, then use Banner ERP, Nolij, or the SSL VPN exclusivley in that secondary browser.

  1. To see if you have Java installed, and what version you are using, visit JavaTester.org.
    • In Firefox, you may see this plugin icon . Click it to enable Java on this website.
    • In Chrome, you may see a yellow bar at the top of your browser, click Run this time.
    • Once Java has loaded for this website, you should see this text:
               
  2. Visit our Disabling Java instructions to disable Java in your primary browser, typically Firefox or Chrome.
  3. Visit our Enabling Java 6 instructions to enable Java 6 Update 45 in your secondary browser, so you can use that exclusively for Banner ERP, Nolij, SSL VPN, and other websites that you may need Java for. Do not visit any websites other than these critical sites in a browser with Java enabled.


Credit: Our colleagues at Kenyon College

catch of the day

 

12/2: Identify phishing & report phishing from fax.com

SERVICE ALERTS

LTS News

In the works