New Zero-Day Java Bug affects all Windows PCs and Macs

hacker-image-blog A critical zero-day vulnerability has been found in all versions of Java, developed by Oracle.  Java is an application on your computer that can be used by many applications and including web browsers. 

This security vulnerability affects almost every computer. It allows hackers to install malware or other unwanted programs on your computer without you knowing it. They can elevate the permission on the computer which would allow them to do whatever they wanted.

This zero-day vulnerability is grabbing lots of the  media attention and is a big enough risk to have the government to even tell us to disable Java (not JavaScript) on your computer. Which I would highly recommend you do. 

Many anti-virus programs are already creating patches and updates to prevent this threat on your computer.  For now disable your Java until you your Anti-Virus or other can be validated to be protecting against this threat.  I would expect to have Oracle ship out one of its out-of-band security updates to patch the exploited Java Bug.

**********************

Update (1/14/2013)

Oracle has issued an emergency patch that will be shipped with version 7 update 11. Upgrade your Java version as soon as possible.  As always, don’t click on any email links or other links that appear suspicious.

Microsoft has also released a Security Patch to guard against this vulnerability in its IE Browser. The security advisory can be found here.  If you have your Windows PC set to install updates automatically there is nothing you have to do.