Is there a security risk with Java version 7?
Yes, a high PC and network security risk has recently been identified with Java version 7 – beware, this affects all operating systems and all browsers where users are running Java 7. A patch (or bug fix) may not be available from Oracle until mid-October.
Systems Affected
Any system using Oracle Java 7 (1.7, 1.7.0) including:
* Java Platform Standard Edition 7 (Java SE 7)
* Java SE Development Kit (JDK 7)
* Java SE Runtime Environment (JRE 7)
Web browsers using the Java 7 Plug-in are at high risk.
We’ve recently posted a blog article on this Java security risk. Full details and advice are available on the ITWiser blog.
This extremely high risk vulnerability could potentially cause havoc for many users of Java 7. It seems that an ‘exploit file’ can be run just by visiting a ‘bad’ website. This then runs the exploit under the same privileges as the Java user, and could mean that a hacker could effectively take over your entire system. This warning is not just applicable to system admins – it affects anyone running Java 7 on their computer with a live internet connection.
ITWiser are urging extreme caution and suggest you consider disabling the Java plugin (version 7) until a patch is available from Oracle. If unsure you should contact us for urgent assistance.
ITWiser provide corporate IT security solutions to businesses throughout Yorkshire.