Los Angeles Times
Link to article:
US Urges Users to Disable Java
Security problems in computer software and operating systems are usually pretty cut-and-dried: a problem comes to light, the company announces a fix or patch, and it fades from public consciousness. So when the US Department of Homeland Security announces that a security breach in the latest version of Java is such a major leak that all computer users should immediately disable the software, and Apple remotely disables Java for all users of its recent OS, it's a reason to sit up and take notice. (Update: Tuesday January 15th Oracle released 86 security patches to safeguard Java, so follow the news to find whether this makes the software safe to use again.)
Excerpt: "In a rare warning, the U.S. Department of Homeland Security is urging computer users to disable the Java software, citing what it says is a vulnerability in the Oracle's programming platform.
Apple said it is heeding the advice and has remotely disabled Java for most Mac users.
'Java 7 Update 10 and earlier contain an unspecified vulnerability that can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system,' the Homeland Security's Computer Emergency Readiness Team said in a note posted Thursday. 'We are currently unaware of a practical solution to this problem.'
According to Reuters, the vulnerability makes it possible for hackers to install malware that enables them to commit identify-theft crimes or add infected computers to networks that can be used for cyber attacks."