Tim Jackson is the CEO and founder of Jackson Technical.
Java has a security problem.
You may have read in tech news lately about “zero-day” threats that are exposed to Java. Zero-day threats are vulnerabilities that hackers have discovered but haven’t yet been fixed by the software manufacturer. These flaws often allow viruses to be installed on your computer without your browser or anti-virus stopping them and they don’t always come from a risky website. The infected code can even be embedded in legitimate and popular websites.
This is not a new problem for Java. It reoccurs frequently and that’s why the annoying orange icon by your taskbar clock seems to be constantly asking for yet another update. Because of the frequency of new security updates issued, it’s human nature to eventually stop paying attention to it. This is exactly what the virus writers are counting on. They know that most Windows and Mac operating system updates are now being installed on a regular basis, so they need another way in.
I can personally attest to the frequency of infections through Java. Approximately 85% of all infected machines we see in our shop are Windows XP with Java installed. We know the virus infiltrated via Java because the virus codes are discovered in the Java temp directory.
Java is a 3rd party add-on with a browser plug-in to allow software to be distributed and executed within your browser. You can tell if a website needs Java because you will see the Sun Java logo displayed as a square box with the animated circle loading on your screen while it loads the software into memory.
Uninstall it completely.
If you don’t use any websites that require Java, then it’s just a program with high potential to be abused to circumvent your security measures. Fewer websites require it. If you find out later that you do need it, it’s only a 5 minute, free re-install.