Various sources have reported on a Java vulnerability concerning the Java
browser plugin. Please refer to the following links for more information. It
affects all platforms, especially the Mac and Windows computers we use here.
It affects JDK and JRE 7 update 10 and earlier. Note: JDK and JRE 6,
5.0, and 1.4.2, and Java SE Embedded JRE releases are not
affected
- What is Java? http://www.java.com/en/download/faq/whatis_java.xml
- Oracle security alert: http://www.oracle.com/technetwork/topics/security/alert-cve-2013-0422-1896849.html
- Do I have Java installed and what version?: http://www.java.com/en/download/installed.jsp
- How do I disable Java in my web browser?: http://www.java.com/en/download/help/disable_browser.xml. For Windows, please see note about disabling for Internet Explorer. For Macs, follow the steps for disabling in the browsers.
- Please refer to http://javatester.org/ for more info.
The latest Java 7 update (11) changes the security level to high, with the
user always being prompted before any unsigned Java applet or Java Web Start
application is run. However, it is advisable to disable the Java
browser plugin, regardless of version. If you use sites that require
the plugin, consider disabling it in your default browser, and use a secondary
browser exclusively for any Java-related activity.
Attn Mac users, please see this note regarding Java 7: http://java.com/en/download/faq/java_mac.xml.
- Apple is disabling the Java 7 plugin automatically on systems where it's already installed.
- For OS X 10.7 and later, the update Java for OS X 2012-006 uninstalls the Apple-provided (v. 6) Java plugin from all browsers.
Please reply with any questions