January 18, 2013

Security recommendations from IT regarding Java

Information Technology’s response to the recent increase in Java Zero-Day Vulnerabilities.

You may have heard in the news about the recent increase in Java Zero-Day Vulnerabilities.  These vulnerabilities expose your computer to having malware installed and to having personal and confidential information stolen.  For that reason, IT would like to recommend some steps that you can take to protect both your computer and your information.

Ultimately, if you do not need to use Java we recommend that you disable it entirely.  If you are not sure if you need Java, try turning it off in your browser to see if this causes any issues with your web browsing.  If it does, then re-activate it.  IT has confirmed that disabling Java will not affect either current versions of the Colleague UI or Google apps. 

However we recognize that there may be Java based web applications that you are required to use.  In that case, it is important that you regularly update your Java to the newest version, currently 1.7.  Additionally, you will need to remove all old versions of Java since the update installer does not automatically do this. 

For instructions on uninstalling or disabling Java, identifying your version of Java, updating Java and removing older versions, or for more information about Zero-Day Vulnerabilities please click here.

If you have further questions about the Java Zero-Day Vulnerabilities, or other information security issues, please contact Information Security Officer, Jessica Odom (odom@lclark.edu)