Folks, just a reminder that if you have Java on your PC you should update
it to the latest release, which is version 7 update 11. In Windows, the
Java Update Checker _should_ advise you to update but you can force it
easily enough. In Control Panel - Programs run the Java applet (may be
called "Java" or "Java (32-bit)" etc.). On the Java Control Panel, select
the Update tab and select Update Now. Follow the prompts (you'll probably
want to un-check the Install Ask Toolbar prompt).
As part of the update, Oracle has set Java's security to "high" which means
it will prompt before it runs any applets that are either self-signed or
not signed. Applets signed by a CA are allowed to run as before.
You can also reduce your threat surface more by disabling Java in your
browser(s). In IE do Settings - Manage Add-ons and disable the Java
Plug-in. In Firefox do Firefox (orange button) - Add-ons - select Plugins
and disable the JDK.
Ideally you would uninstall Java altogether since even this update doesn't
close all holes. But that may not be possible, especially for IT folks
since a lot of management consoles use it.
..
On the Internet Explorer side of things, if you use an older version of IE
- version 6-8 - run Microsoft Update and check for updates. MS released a
patch for a zero-day exploit on Monday. Upgrade to IE 9 or 10 if possible.
..
While you're at it, you might check your other apps for updates. For
instance, Acrobat Reader should be 10.1.5 (Run Reader and do Help - Check
for updates..). And of course IBM i Access updates are at
http://www-03.ibm.com/systems/power/software/i/access/windows_sp.html(check
your SP version by running the IBM i Access control panel applet).
midrange.com
