Understand the Java Exploit

on Jan 11th, 2013

The Etsy forums lit up today with the news that a critical security hole (exploit) has been found in Java, a plugin installed with many browsers. Brittany asked me to explain what the security hole means and what you can do to defend yourself.

Java is a technology akin to Flash that allows websites to do things beyond the power of the browser. It’s often used for file uploads: Facebook used to have a bulk photo upload tool that was a Java plugin, and only recently changed the technology.

It’s important to note that JavaScript, though very similar in name, is a completely different technology and is not affected.

A prompt to run Java code on a website

The security hole allows Java to install malicious software on your system when you visit a website that runs Java code through the plugin. Since most websites don’t purposefully hack the computers of their visitors, this will usually happen when a hacker has compromised a site and planted the Java code without the website owners’ knowledge.

PCs and Macs alike are affected, no matter which browser you run. It can only be exploited if you’re running the Java plugin, however. Visit the official Java plugin site to see if you have Java installed – click the big red ‘Verify Java’ button and the page will reload to tell you if you have Java and which version.

The best protection until Java is updated is to disable Java in your browser. Detailed instructions for different browsers can be found at Krebs on Security. To find out which browser you’re running, visit an identification site. The good news is that Java has fallen out of favor as a technology on websites, so disabling it likely won’t cause your internet experience any harm.

Tim Hansen is a software engineer and consultant who has worked across many industries in his fifteen-year career – including Hewlett-Packard and the U.S. government.
Cover image by Nick Carter on Flickr.
