And you should do this update; Oracle has finally gotten around to pushing a massive 50 vulnerability fixing update to Java. The bad part is that most of us have decoupled Java from our browsers, and I am wondering if this is too little too late.
With Mozilla (Firefox) dropping Java support from its browser in the latest update to that program, and Apple’s idea that Java is just simply a bad thing for the IOS, it is time to wonder if Java has reached a risk/reward tipping point in how it is used, and how it is rendered. Not a week does not go by where there is some new critical vulnerability to the program, and as a risk it has become so huge that it is probably time to move onto something safer like HTML5.
While I know those of us who use Cisco Routers GP Java Panel to manage their routers in the network have had to fall back to IE to make it work, and the loss of Firefox is huge for some people who want to manage their routers though the HTML interface, there is a lot more here than just the loss of Java in the Browser. We all have gotten use to not using Java with our Ipads, Iphones, and other IOS devices that the loss of Java is not so bad to the average user in my opinion.
While Java is awesome and will allow you to do some very cool things with your computer, the idea that this has become one of the major ways that hackers get into your computer has to be part of the corporate and personal risk matrix. Honestly, in my opinion Java is simply too risky to put back into play until it becomes much more secure and much more well attended by Oracle than it has been in the past. I honestly believe that the heyday of Java is pretty much so over with at this point, and I personally have no reason to bring it back onto my computer systems, or allow it to be run in the corporate labs that I manage.
Is Java too risky for you as well?
At this point, I am leaving it turned off, there is no logical reason that I can think of to own it right now on my boxes, even with IE, it is time to turn it off, turn it off for good, and find a different way of managing systems that require Java to render command and control interfaces.
(Cross-posted @ Hacking Cloud Computing)