On Sunday, January 13, 2013 Oracle released update 11 for Java 7. This newest update was suppose to have fixed the Zero Day flaw, which hackers are exploiting to secretly install malware on an unsuspecting users computer. Once you unknowingly visit a compromised website the malware is installed on your machine allowing these cyber criminals to steal your identity or make your computer part of a network used to attack other websites.
This Website Is For Financial Professionals Only
Although Oracle is saying that update 11 has fixed two vulnerabilities, security experts along with the Department of Homeland Security are recommending users to disable or uninstall Java. Within the financial services community protecting yourself from the Java exploit is more complicated than just uninstalling Java, since most applications and websites you use require Java to work.
What’s interesting is that most computer users don’t know what Java is or if they have it on their computer. Java is a program necessary for certain websites and applications to function on your computer, similar to Flash. In the financial services industry we have many applications that are dependent on Java to operate.
Last year Java accounted for 50% of cyber-attacks where a hacker was able to break into a computer by exploiting a software bug. Since a similar security scare in August, security experts have scrutinized the safety of Java, some even calling for the program to be re-written.
Do not assume your IT team has this taken care of. We urge you to talk with your IT team to discuss the best way to protect yourself and keep your critical applications working. If you do not have an IT team available, and we had to choose from one of the recommendations from Homeland Security, we would recommend uninstalling Java. By uninstalling Java, should you go to a website that requires it; the website will ask you to re-install it. If you were to only disable Java and you went to a site that required it, the site would just not work.
You should also note that a workstation used by a financial services professional is one of the most sought after workstation from a hacker’s perspective. The reason why is simple: a financial advisor works with wealthy people and advisors will typically keep their clients’ personal information on their computer.
We recommend keeping your systems up-to-date and having regular maintenance preformed on your computer to keep them secure.
To read more: