15 January 2014

On 14 January 2014, Microsoft and Adobe issued their regular monthly Patch Tuesday security updates, while Oracle also released its quarterly Critical Patch Update.

Affected Microsoft products include Microsoft Office, Windows and Dynamics.

Microsoft’s bulletin is available here.

Affected Adobe products include and Adobe Flash and Reader.

Adobe’s bulletins are available here.

You should update your system as soon as possible.

Oracle’s quarterly Critical Patch Update is for all Oracle products and includes 36 security fixes for Oracle Java SE. These address a wide range of vulnerabilities including some known to be targeted by cyber criminals.

If you use Java you are advised to update your system as soon as possible.

You should carefully evaluate your need for Java and if you do not require it, you should uninstall or disable it.

About Java

Java is (confusingly) both a programming language and a software platform owned by Oracle. Some applications and websites require Java to be installed on your computer to function correctly, but many people can manage without it and should ensure it is disabled.

For the average user, the most commonly used component of the Java SE package is the Java Runtime Environment (JRE).

Even more confusingly, Java can be referred to by a multitude of different names. Oracle’s website points out that, “Java software for your computer, or the Java Runtime Environment, is also referred to as the Java Runtime, Runtime Environment, Runtime, JRE, Java Virtual Machine, Virtual Machine, Java VM, JVM, VM, Java plug-in, Java plugin, Java add-on or Java download.”

It is also often confused with Javascript, which is a programming language and unrelated to Java.

Oracle provides a more detailed explanation of Java here.

You can check to if Java is installed on your computer here.

Disabling Java

Disabling Java by disabling its browser plugin is the easiest approach to managing Java on your computer. This will stop Java from running while using your browser which is how Java has been the most vulnerable. You can still re-enable the plugin in the future if required.

How to disable Java in your browser (Windows).

Alternatively, it is also possible to uninstall Java (Windows).

Java on Macs

It is important to treat security on a Mac the same as any other computer. This includes using reputable security software and following best practices for protecting your computer.

By default, most recent Mac OSX updates have already removed Java.

If you wish to use Java on your Mac, you should update to the latest version to enable it.

Here is how to manually uninstall Java on a Mac.

More information

Oracle provides useful answers to FAQs on its website, including how to update Java on Macs, set automatic updates and notifications.

Security researcher Brian Krebs has recently provided some further useful questions and answers on Java.

Here are more Stay Smart Online steps for securing your computer.

The information provided here is of a general nature. Everyone's circumstances are different. If you require specific advice you should contact your local technical support provider.

Feedback

Thank you to those subscribers who have provided feedback to our Alerts and Newsletters. We are very interested in your feedback and where possible take on board your suggestions or requests.

Disclaimer

This information has been prepared by Enex TestLab for the Department of Communications ('the Department'). It was accurate and up to date at the time of publishing.

This information is general information only and is intended for use by private individuals and small to medium sized businesses. If you are concerned about a specific cyber security issue you should seek professional advice.

The Commonwealth, Enex TestLab, and all other persons associated with this advisory accept no liability for any damage, loss or expense incurred as a result of the provision of this information, whether by way of negligence or otherwise.

Nothing in this information (including the listing of a person or organisation or links to other web sites) should be taken as an endorsement of a particular product or service.

Please note that third party views or recommendations included in this information do not reflect the views of the Commonwealth, or indicate its commitment to a particular course of action. The Commonwealth also cannot verify the accuracy of any third party material included in this information.

CONTACT US

Facebook: www.facebook.com/staysmartonline
Email: staysmartonline [at] communications.gov.au
Web: www.staysmartonline.gov.au
You are receiving this message at the address [Email].
Update your profile preferences
If you no longer wish to receive this information, you can unsubscribe.

© 2013 Australian Government. All rights reserved

Connect with Stay Smart Online
  • Facebook.
  • youtube
  • RSS feed