It pains me as a Java developer to recommend to anyone to disable their Java support in their browsers, but given the recently discovered Java vulnerability that can be exploited by a Java applet running in a browser to do ‘bad things’ to your machine, until this gets patched, it’s worth to disable your Java plugins until it gets patched.
According to some sources, Oracle has known about these vulnerabilities since April, but still has not patched them. Since sites have started showing up that have applets exploiting this vulnerability, it’s worth to play it safe and batten down the hatches, and disabled Java support in your browsers.
Oracle releases security patches for Java every 4 months, the next one is due in October. Until this gets patched, best to play it safe.
To disable the Java plugin on Chrome on Mac OS X:
- Go to Chrome / Preferences, click on Show Advanced Settings
- In the Privacy section, click the Content Settings button
- Scroll down to Plugins, click ‘Disable individual plugins’
- Scroll down to find the Java plugin, click disable
To disable the Java plugin in Safari on Mac OS X:
- Go to Safari / Preferences, click the Security icon
- In the web content section, uncheck ‘Enable Java’
To disable the Java plugin in Firefox on Mac OS X:
- Go to Firefox / Preferences, click the General icon
- Click the Manage Add-ons button
- In the Addons Manager window, click Plugins on the left
- Scroll down to find Java Applet plugin, click the Disable button