Updated: Fix for Java security flaw available

-- Updated Sunday, Jan. 13, 6:31pm: --

A downloadable update to the Java platform is available on Oracle's website. Oracle made this update available on Sunday evening. Continue reading to understand why it is critical that you perform this update.


A new computer virus has U.S. government security experts taking the unual position of recommending that people disable a common background computer program found on most PCs and Apple computers.

On Thursday of last week, the Computer Emergency Readiness Team (CERT), a part of the Department of Homeland Security, issued a statement urging Americans to disable Java because of a flaw that a new "Trojan horse" virus can exploit. Named Mal/JavaJar-B, the Trojan can let an attacker remotely trigger a malicious program once it's inside. The Department of Defense has also started disabling Java on its systems.

CERT has issued warnings in the past, but has never recommended turning a program off because it had worked with technology companies to develop a remedy or work-around to the problem. It recommends leaving it off until an update to Java is available. Java is a computing platform and programming langue that many business applications, games, apps and other programs use, and is installed on more than 850 million personal computers worldwide, according to Oracle. As such, disabling Java may affect the use of other programs.

Apple has already pushed a revision to its Mac OS X operating system that will prevent the current or past versions of Java from working. Users of computers running Windows will need to disable the program manually.

Oracle has posted instructions for disabling Java on its website.