If you frequently use Java-based apps or websites on your Mac or PC, the U.S. Department of Homeland Security has a bit of concerning news. A major security flaw within Java 7 has caused the department to warn users to disable or uninstall Java on their computers until a workaround is released.
From ZDNet:
The U.S. Department of Homeland Security has warned users to disable or uninstall Java software on their computers, amid continuing fears and an escalation in warnings from security experts that hundreds of millions of business and consumer users are vulnerable to a serious flaw.
Hackers have discovered a weakness in Java 7 security that could allow the installation of malicious software and malware on machines that could increase the chance of identity theft, or the unauthorized participation in a botnet that could bring down networks or be used to carry out denial-of-service attacks against Web sites.
“We are currently unaware of a practical solution to this problem,” said the DHS’ Computer Emergency Readiness Team (CERT) in a post on its Web site on Thursday evening. ” […] Java users should disable or uninstall Java immediately to mitigate any damage.
Fortunately, as MacRumors notes, Apple has been swift to respond in defense of their users, remotely disabling the plugin on Macs which have it installed without the need for user intervention. The block works by telling OS X to require a version of Java 7 which has not yet been released – and which will presumably contain a fix when it is released.