Protect Against Latest Java Zero-day Vulnerability Right Now: Mal/JavaJar-B
Sophis Naked Security’s Fraser Howard reports that a new zero-day vulnerability for Java has been found, reported to be infecting even those running the latest Java version (7u10).
Unfortunately, it has been found in some of the most prevalent crimeware kits being used to infect users with malware, so it is being targeted NOW.
Howard says Sophos strongly recommends that users consider whether or not they require Java to be installed at all, and if yes, whether it needs to be enabled within their web browser.
A single check-box can be used to disable the web plugin entirely, protecting you not just against this latest zero-day, but also against the ones we’re likely to see during 2013.
Naked Security’s Chet Wisniewski has put together simple instructions for users of the most popular browsers, explaining how Java can be disabled:
How to disable Java in Firefox
How to disable Java in Chrome
How to disable Java in Safari
How to disable Java in Opera
How to disable Java in Internet Explorer