Text

The Java Problem, and what you should do

Hello everyone,

This is a security update concerning your Macs and PCs, and you should stop and read the following and take action if necessary.

This week, security researchers have identified a Zero Day Exploit (meaning, a security flaw that was released into the wild without notification) that affects Java. This security problem is severe and should be treated with the utmost caution. Apple has taken the precaution of blacklisting Java Applets within Safari for those running Mac OS X 10.7 and 10.8, but those running 10.6.8 or earlier should take some precautions to ensure their safety for the time being. These steps are also necessary for those running 10.7 and 10.8 and using Firefox or Chrome as your web browser:

Chrome

  • Click on the Chrome menu, and then select Settings.
  • At the bottom of Settings window, click Show advanced settings
  • Scroll down to the Privacy section and click on Content Settings.
  • In the Content Settings panel, scroll down to the Plug-ins section.
  • Under the Plug-ins section, click Disable individual plug-ins.
  • In the Plugins panel, scroll to the Java section. Click Disable to disable the Java Plug-in.
  • Close and restart the browser to enable the changes.

Note: Alternatively, you can access the Plug-ins settings by typing about:plugins in the browser address bar.

Firefox

  • Click on the Tools menu and then select Add-ons
  • In the Add-ons Manager window, select Plugins
  • Click Java (TM) Platform plugin to select it
  • Click Disable (if the button displays Enable then Java is already disabled)

Safari

  • Choose Safari Preferences
  • Choose the Security option
  • Deselect Enable Java
  • Close Safari Preferences window

There is a planned update to Java to fix this issue, but it is not currently available. We will provide a second update once it’s available.

Please share this information widely.

Note, if you do have a critical application that requires the Java plugin in your web browser to be functional, contact us for details on how you can use Java with reduced risk.