On January 10th, the U.S. Department of Homeland Security’s Computer Emergency Readiness Team issued an alert about vulnerabilities in the version of Java that runs on most personal computers and within most browsers. The agency reported “A vulnerability in the Java Security Manager” makes it possible for an attacker to “compromise a legitimate web site and upload a malicious Java applet (a ‘drive-by download’ attack).” The agency urged people to “ consider disabling Java in web browsers until adequate updates are available.”
On Monday, Oracle issued an update to Java. If you have the software, you should allow it to update itself or go here to download an up-to-date copy. Instructions on how to disable Java can be found here.