Skip to main content
  1. Home
  2. Computing
  3. News

New security vulnerability found in Java; experts recommend disabling the app

Anna Washenko
By
Image used with permission by copyright holder

Researchers have identified a zero-day security flaw in the Java program that hackers are exploiting. The concern is severe enough that the U.S. Computing Readiness Team, a unit of the Department of Homeland Security’s National Cyber Security Division, issued a note about the flaw. The vulnerability has already been incorporated into two of the most popular Web threat tools for hackers’ malware distribution, so the threat is live and putting computers at risk, The Next Web reported. 

The problem is a remote code execution vulnerability in Java 7 Update 10 and earlier versions of the application. This weakness allows a hacker to execute arbitrary code on an exposed machine. The Computing Readiness Team said there is no known workaround yet to protect against malicious attacks, and they recommended disabling Java if at all possible until maker Oracle can enact some repairs. If you can’t disable or uninstall the application, your best bet is to disable it in your main browser and keep all of your Java use confined to a separate browser.  

Recommended Videos

A French researcher working under the name Kafeine first reported the vulnerability, and security company AlienVault Labs confirmed the flaw. Kafeine said in his post about the problem that the latest version of Java was being exploited on a site receiving a heavy volume of traffic. 

Related

Java has been a source of security concerns for years. Java 7 Update 7 was an out-of-cycle patch released in September to block a vulnerability that let hackers assume total control over a computer. The software is near-ubiquitous, making it an appealing target for hackers. Check out our explainer on Java for more information, including a walkthrough of how to disable and uninstall the app on your computer. 

Image via Jennie Faber

Editors' Recommendations

Anna Washenko
Anna Washenko
Former Digital Trends Contributor
Anna is a professional writer living in Chicago. She covers everything from social media to digital entertainment, from tech…
TrickBot returns with new attack that compromised 250 million email addresses
nhs email gaffe button

The TrickBot malware, which earlier this year worked in tandem with the Ryuk ransomware to siphon millions of dollars for hackers, is back with a new attack that may have compromised as many as 250 million email accounts.

In a report by Deep Instinct, the cybersecurity company revealed a new variant of TrickBot that teams it up with a malicious, email-based infection and distribution module dubbed TrickBooster.

Read more
Apple’s new sign-in feature brings a secure way to log in to your iOS 13 apps
Sign In with Apple.

At WWDC 2019, Apple is continuing to make its case and push for stronger privacy features. To make it simpler and more secure for iOS 13 users to sign in to apps, Apple is launching a new sign in button called "Sign in with Apple." The tool works like similar social sign-in buttons -- like those that allow users to log into third-party apps with either their Google or Facebook ID -- but adds Apple's twist with a focus on privacy and security.

Most apps and services today require users to either create a user profile or login with a social ID to deliver a unique, customized experience. The former requires comes with a lot of friction, as it requires you to enter a lot of information, while the latter is convenient but could reveal a lot about you.

Read more
It’s time to stop believing these PC building myths
Hyte's Thicc Q60 all-in-one liquid cooler.

As far as hobbies go, PC hardware is neither the cheapest nor the easiest one to get into. That's precisely why you may often run into various misconceptions and myths.

These myths have been circulating for so long now that many accept them as a universal truth, even though they're anything but. Below, I'll walk you through some PC beliefs that have been debunked over and over, and, yet, are still prevalent.
Liquid cooling is high-maintenance (and scary)

Read more