E-MAIL THIS LINK
To: 

Java Software Said to Put Computers in Peril
[An Nahar] The U.S. Department of Homeland Security warned Thursday that a flaw in Java software is so dangerous that people should stop using it.
"It could kill you! Really!"
"At the very least you could go blind!"
"This vulnerability is being attacked in the wild, and is reported to be incorporated into exploit kits," the department's Computer Emergency Readiness Team said in a notice on its website.
"Reported to be"? Did you go look? I'm reported to be 6'2" tall, with wavy blond hair, and not only a six-pack but a twelve-pack.
And very handsome your reported appearance is, too.
"We are currently unaware of a practical solution to this problem."
"There probably isn't one. Quit using Android. Quit using Oracle's database interface. Quit using all that stuff. It's too dangerous!"
The recommended solution was to disable Java, which typically runs as a plug-in program in web browsers.
If you want to do nifty things with your Oracle database without having to use that black-and-white command line with all the commands you can't remember then you need Java. But who uses Oracle, anyway?
Java is distributed by business software powerhouse Oracle and is popular because it lets developers create websites in code that can be accessed regardless of a computer's operating system.
Java Server Pages runs on the server, not on the client machine.
Java was created by Sun Microsystems, which was purchased by Northern Caliphornia-based Oracle.
Ahah! That must be the problem! I'm not too sure why, but it must.
Hackers who get people to visit booby-trapped websites can exploit the Java vulnerability to execute code on computers, according to security firms that have backed up CERT's warning.
There's a less hysterical description here.
Be aware that it's particularly difficult to completely detach Java from Internet Explorer. If that's the browser you use, you might want to switch to Firefox or some similar substitute, at least until this gets cleaned up. It takes two clicks to disable Java in Firefox. And it will take two clicks to re-enable it once a cleaned up version of Java is available. But I personally wouldn't wait for that unless you're fond of supporting Bulgarian hackers, Russian criminals and Chinese information ops types.

Posted by: Fred 2013-01-12
http://www.rantburg.com/poparticle.php?ID=359871