14 DAY TRIAL // After installing an operating systems on their computing machines, most individuals rush to install applications that help them browse the web. While many believe that without components such as Flash and Java they won’t be able to access certain content, there are always safer, more secure, alternatives.
F-Secure researchers report that many people use Java, but in reality they don’t need it, its presence only giving cybercriminals the opportunity to exploit the device it’s installed on.
The main issue is that a lot of Internet users confuse Java with JavaScript, a crucial component for the web.
“If you're running Java, but not the latest version, you're vulnerable. So either you have to check at all times that you have the latest version of Java — or get rid of it altogether,” said F-Secure’s Mikko Hypponen
After studying the infamous Blackhole exploit kit’s control panel, the experts discovered that more than 16,000 computers were taken over using the Java Rhino vulnerability.
If you really need Java for online banking or other Internet apps, it’s recommended that you install the Java plug-in in a separate browser that you utilize only for the specific tasks, allthough, many have discovered that after uninstalling the dangerous component, their daily activities are not affected in any way.
“Also note that Chrome has been doing a good job in sandboxing or otherwise securing risky add-ons and extensions. Many Java exploits do not work against Chrome. Also, Chrome does not use an Adobe Reader plugin to render PDF files. This is good news, as Chrome is quickly becoming the most common browser on the planet,” Hypponen adds.
The bottom line is that third party components present a lot of security flaws which can be easily taken advantage of by hackers. Those who need to use them are advised to keep them updated at all times, but also check out the newer, more secure, alternatives.