Java allows 'open hunting season' for hackers, experts find

Summary:Is Java a serious enough concern for you to disable it altogether?

java open season consumer hackers security recommendation disable oracle

Security professionals urge disabling Java on your PC, saying that the computer language has created an "open hunting season on consumers" for hackers.

Talking to Reuters, Jaime Blasco, Labs Manager with security firm AlienVault Labs recommended that consumers begin to disable Oracle's Java software after the recent discovery of yet another security flaw which allows hackers to exploit computers. Blasco said:

"Java is a mess. It's not secure. You have to disable it."

The computer language is widely installed on over 850 million PCs around the world. First released by Sun Microsystems in 1995, the computing platform is backbone technology which allows consumers using Microsoft's Windows PCs or Apple's MACs to run a number of processes including online games and Internet browsing. Java runs through plugins and modules on Internet browsers including Internet Explorer and Firefox.

However, it is not just Blasco who has concerns over the software's security. HD Moore, Rapid7's chief security officer -- a firm which assists businesses in identifying vulnerable elements in their infrastructure -- believes that Java has made a number of devices, including anything running on Mac OS X, Linux or Windows, vulnerable to attack.

Moore compared Oracle's Java to "open hunting season on consumers," who are being targeted more often by a host of cyberattacks, including malware and phishing scams. A number of toolkits, freely released on the web, are also of concern -- as many include software which can be used to exploit such security flaws. Therefore, if you have not already done so, you are advised to disable any modules in your browser which relate to the software.

Recently, another zero-day vulnerability was discovered in Java 7 Update 10, which is simply the latest security flaw to be exposed within the computer language. The exploit, verified by AlienVault labs, is currently in the wild and continues to be exploited.

We have reached out to Oracle and will update if we hear back.

Topics: PCs, Security

About

Charlie Osborne, a medical anthropologist who studied at the University of Kent, UK, is a journalist, freelance photographer and former teacher. She has spent years travelling and working across Europe and the Middle East as a teacher, and has been involved in the running of businesses ranging from media and events to B2B sales. Charli... Full Bio

zdnet_core.socialButton.googleLabel Contact Disclosure

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.