page 1 of 2
The Department of Homeland Security advises all computer users to temporarily disable Java on their systems. Java technology, which allows platform-independent code to run on virtually all operating systems, has major security flaws. Hackers are able to exploit an “open door”, allowing them to commit identity theft or install malicious software, making your computer part of a network used for cyber attacks.
Java running in the web browser is most vulnerable. Hackers will lure an unsuspecting user to their website, which installs a malicious java applet. Some hackers have even been able to compromise legitimate websites, making them hosts for malicious java applets. Do not trust any java applet, even if it is hosted on a legitimate site. Don’t install the java runtime environment on your browser or system. The former is more likely with the casual computer user. If anything pops up instructing you to install anything Java-related, don’t do it.
iOS users (iPhone, iPad, and iPod Touch) might have something to worry about. Oracle released a technology known as ADF Mobile. It allows developers to create an iOS app which runs in a lightweight Java virtual machine, installed as part of the app’s code base. Researching this issue, no one has mentioned any vulnerabilities. This doesn’t mean there aren’t any. We can only hope that Apple’s “walled garden” of the App Store has removed any malicious apps. However, if the app is running a Java Virtual Machine, it may be vulnerable. It is unlikely that you have an app developed with Oracle ADF Mobile. Most of these tend to be tools for enterprise developers to monitor their application servers or the like. Some of these apps are front-ends for enterprise systems. If your organization uses Oracle enterprise systems, and has a custom “front-end” app for iOS, you might be vulnerable. The vast majority of iOS users have nothing to worry about. (continue…)