IE 11 is not supported. For an optimal experience visit our site on another browser.

Java mega-patch fixes 40 serious flaws

Java logo
Oracle Corp.

Java is not the safest software that users can install, as evidenced by the 40 flaws patched in its latest update. Users would be wise to install the update as soon as possible, although they would arguably be better served by ditching Java entirely, unless it's totally necessary for their operations.

Users should install Java 7, Update 25 as soon as possible, although they may not want to take a look at the list of vulnerabilities it addresses. Of the 40 flaws listed, 37 of them require no authentication whatsoever, and can be activated remotely.

More than half of the patched flaws required "low" levels of complexity for access, and many of them allowed potential malefactors to glean personal details from compromised computers. The issues also plagued Java at every level: Consumer software, developer tools, the installer and Web servers were all potentially exploitable.

A few of the flaws required physical access to a computer in order to be exploited. Developer Oracle did not reveal whether hackers had used these vulnerabilities to compromise any systems in real life, but given Java's spotty track record for user safety, it's not unlikely.

Java is a programming language and platform for computer software that used to be a major component of website construction. Today, Java's uses are more limited, but there's still a good chance you've encountered a Java app in your everyday life.

The Android operating system runs on a Java-based platform, as do many older websites, especially corporate ones. Universities and the military use Java to run complex simulation programs, and it plays a vital role in running the popular computer game "Minecraft." [See also: How to Keep Java in Your Web Browser and Still Be Safe]

That said, save for the relative few who really need it, Java has become more of an outdated security risk than a useful plugin. Java 6, the program's previous iteration, no longer receives any security updates. As Java 7's Update 25 demonstrates, the system's patches are infrequent enough to allow many security issues to crop up in the interim.

One of the safest ways to keep Java on your system while blocking out its more unsavory applications is to disable Java plugins for your Web browser. That way, the Java software can continue to run when necessary (like when "Minecraft" requires it), but also stays relatively isolated from online threats. Even so, keeping the software up-to-date is non-negotiable.

If you do decide to keep Java on your system, verify your version at Java's website, and follow its instructions. Otherwise, access your operating system's uninstall function and let the program go. Your computer's firewall will thank you.

Follow Marshall Honorof @marshallhonorof. Follow us @TechNewsDaily, on Facebook or on Google+.