Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Remove Java as protection against Future Infections?


  • Please log in to reply
2 replies to this topic

#1 AngryRaisin

AngryRaisin

  • Members
  • 235 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Orange County, CA, US
  • Local time:05:55 AM

Posted 10 June 2011 - 12:09 AM

Lately upon cleaning clients computers I have begun removing all versions of Java that I find on the computer. I believe many of my clients are being infected by having the outdated jvms installed. I have found that in my use of the web that I do not come across many sites that use java - I know that I do not browse the entire web but have found that if a site needs java then it usually states as such and gives a link to download the latest version. Does anyone feel that I am doing my clients a disservice?

And on a side note I am looking for a better way to remove all previous versions... I have been using JavaRA offa sourceforge but it leaves the uninstaller registry entries that I have to cleanup using mscui (Microsoft Installer Cleanup).

BC AdBot (Login to Remove)

 


#2 Andrew

Andrew

    Bleepin' Night Watchman


  • Moderator
  • 8,260 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Right behind you
  • Local time:05:55 AM

Posted 10 June 2011 - 01:02 AM

Removing Java certainly will reduce the attack surface of the computer, though perhaps outright uninstalling is not necessary. On all of my computers I have Java installed (because I use an application which was written in Java) but I have disabled the browser plugin part. This way, I can keep running my Java app while removing the #1 vector by which malicious Java applications can enter the computer or through which vulnerabilities in Java can be exploited: surfing the web.

#3 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,900 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:08:55 AM

Posted 10 June 2011 - 06:27 AM

Yes older versions have vulnerabilities that malicious sites can use to exploit and infect your system.
Starting with Java 6u10, the uninstaller incorporated in each new release uses Enhanced Auto update to automatically remove the previous version when updating to a later update release. It will not remove older versions prior to that, so they will need to be removed manually. This can be done via Add/Remove Programs or Programs and Features in Vista/Windows 7 as well as with JavaRA.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users