Skip to: Content
Skip to: Site Navigation
Skip to: Search

Disable Java? Here's how, after US agency warns of software 'vulnerability.'

To prevent cyber crime, the Department of Homeland Security advises Americans to temporarily disable Java 7 software, commonly used in Web-browser programs. 

By Staff writer / January 12, 2013

The Java logo at Sun Microsystems' offices in Menlo Park, Calif. The U.S. Department of Homeland Security is advising people to temporarily disable the Java software on their computers to avoid potential hacking attacks.

Paul Sakuma/AP/File


(Updated Saturday, Jan. 12, at 3:30 p.m. EDT.)

Skip to next paragraph

With an eye on the security of millions of Internet users, the US Department of Homeland Security is advising Americans to temporarily disable Java, a software commonly used in Web-browser programs.

It’s not that Java itself contains a malicious computer virus. The problem is what the agency calls a software “vulnerability,” a kind of open door for hackers to infiltrate a computer. That can result in identity theft or other bad things happening on your computer.

The urgent warning, in response to known hacker activity, comes from the US Computer Emergency Response Team, or US-CERT, a part of the Homeland Security Department. [Editor’s note: This paragraph and the following contain corrected wording, to clarify the distinction between US-CERT and CERT.]

“We are currently unaware of a practical solution to this problem,” said a notice released this week by CERT, a group at Carnegie Mellon University in Pittsburgh, which often provides technical services to US-CERT.

The recommendation highlights the rising threat level in the realm of cybersecurity, and the growing efforts to make devices and networks more secure. The vulnerability in Java is just one piece of that puzzle, but it’s significant because the software is so widely used in Web browsing.

If you want to follow US-CERT’s advice and disable Java, how do you do that?

First, if you use a Mac computer from Apple, the answer appears to be simple. According to reports by technology websites including, Apple has already moved to force a disabling of Java on Macs with the OS X operating system.

For other computer users, a first step may be to check what version of Java you're running. The US-CERT announcements focus on Java 7. Computer-security blogger Brian Krebs notes some uncertainty about whether other versions going back to Java 4 are affected. But he points to evidence suggesting the problem is limited to version 7.

Oracle, the owner of Java, said on Twitter that the problem is limited to "JDK7," or version 7, and that it hopes to have a fix available "shortly." (JDK stands for Java Development Kit.)


  • Weekly review of global news and ideas
  • Balanced, insightful and trustworthy
  • Subscribe in print or digital

Special Offer


Doing Good


What happens when ordinary people decide to pay it forward? Extraordinary change...

Danny Bent poses at the starting line of the Boston Marathon in Hopkinton, Mass.

After the Boston Marathon bombings, Danny Bent took on a cross-country challenge

The athlete-adventurer co-founded a relay run called One Run for Boston that started in Los Angeles and ended at the marathon finish line to raise funds for victims.

Become a fan! Follow us! Google+ YouTube See our feeds!