X
Tech

Have you uninstalled Java yet? Here are 14 new reasons...

All of these vulnerabilities may be remotely exploitable without authentication, i.e., may be exploited over a network without the need for a username and password.
Written by Ryan Naraine, Contributor

If you still haven't uninstalled Java to reduce the attack surface on your computer, here are 14 new reasons from Oracle Sun.

A new version of the Java SE has been released to patch 14 documented security vulnerabilities, some serious enough to let hackers remotely install malware on vulnerable machines.

"All of these vulnerabilities may be remotely exploitable without authentication, i.e., may be exploited over a network without the need for a username and password," Oracle warned in an advisory.

[ SEE: Microsoft reports 'unprecedented wave' of Java malware exploits ]

"Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply CPU fixes as soon as possible."

Security vendors are reporting an "unprecedented wave" of Java malware exploits.  Exploits for known Java vulnerabilities have been fitted into the most widely distributed exploit kits, allowing Java to surpass Adobe Flash Player and Adobe Reader as the most commonly exploited Windows third-party desktop software.

[ SEE: Ten little things to secure your online presence ]

As I explained here, it's hardly likely that you will miss Java on your machine.  If you do run into the random banking app that requires Java, you can always reinstall it but I haven't had Java on my machine for more than a year and I never miss it.

Here are the official uninstallation instructions from Oracle Sun.

Editorial standards