News |

CERT-FI urges Java uninstall

The Finnish national computer security incident response team CERT-FI is advising the public to uninstall Oracle's Java programme from web browsers unless it is needed.

Ruutukaappaus Java-ohjelmiston lataussivusta.
CERT-FI says that the issue has been reported to Oracle, but no fix has yet been released. Image: Java / Yle Uutisgrafiikka

Yet another vulnerability has been found in the Java browser extension that can be exploited to infect computers with malware.

According to CERT-FI, this latest vulnerability affects Java 6 update 41 and Java 7 update 15. The distributor, Oracle, has issued fixes for earlier versions, but not yet for these two.

The problem impacts many users because of the large number of web-based services that run in a Java environment. Yle reported last month that Java has become the biggest problem being dealt with by the Helsinki-based F-Secure internet security company.

"Security holes are being found all the time in Java. As soon as Oracle manages to issue an update and plug them, new ones are discovered immediately," F-Secure's Chief Research Officer Mikko Hyppönen told Yle then.

Cert-Fi's advisory (in Finnish)

Latest in: News


Our picks