My point was that disabling it via ‘Manage Addons’ in IE itself doesn’t work which is a security risk as people would think they had disabled it when they hadn’t. Disabling the Java add-ons in FF/Chrome works fine – without needing to resort to control panel or Services so it is a fault in IE’s add-on management process

As a repair tech, a little part of me dies inside every time I find J2SE lurking on XP machines…

Re disabling Java in the browser, it seems impossible to disable Java within IE itself (have to use Java cpl or disable the service). Disabling all IE’s Java add-ons should work but it doesn’t – Java carries on regardless.

Well-before I posted the above at Krebs on Security I had received an email response from the Metronomic representative in Pittsburgh who had introduced me to the Metronomic insulin pump. His response was a very short and succinct comment, just several words about fixing this Java website problem. Some days later, I forwarded him Brian’s email, with links, “Public Java Exploit Amps Up Threat Level [Krebs on Security].

The Metronomic representative forwarded Brian’s email to his manager.

THE IMPORTANT QUESTIONS: Is there other software that can do what Java does without the vulnerabilities? If so, what levels of expense, what work hours would it take to do the fixes?

- David

However in my experience (which granted has nothing to do with yours) the amount of sites that use applets is very small and in fact I can’t recall the last time I had to make use of it. Uninstall it IMO.

If you really must have it use it in a virtual machine or a sandbox to seperate it from your OS. Comodo Firewall Free Edition has a sandbox function although choose “custom install” and don’t install Comodo Anti-Virus as it’s so bad as to be basically useless – there’s likely other free sandbox applications I don’t know about.

VMware player is free and you can run various OS “inside” a virtual machine – a virtual machine as the name suggests is emulating an entire PC for the OS to run on so for your situation is likely not practical in terms of resources.

Javascript is something completely aside to Java despite the name BTW and is required for many websites to function properly. Java is not required in most cases.

What I learned was very confusing! JAVA, Java script, applets and other related terms became a mixture that seemed to want to all be the same thing. Obviously this is not the case but my point is that a home user that isn’t building the next HAL machine can be very easily mislead about what they need to simply browse the ‘net.

Does one need the JAVA Console (as seen in the Control Panel of XP) in order to have the browser execute applets on the web? Although most of the sources I’ve looked at said no, others indicated it was needed.

What of the JAVA plugins or extensions? Does removing those break the applet ability of the browser? Again, I found conflicting opinions.

BTW: I searched not only the Oracle site, which seemed bent on making sure I installed a lot of things, but various PC forums, security sites (aside from Brian’s wonderful one), JAVA help sites (there are many), etc. In all I probably looked at roughly 20 sources.

Result? I STILL don’t know what I can safely take out and retain the ability to cruise the ‘net while keeping most functions (applets?) working.

I used to think I was pretty savvy home user. I’m not so sure anymore.

PS I’m going to uninstall the JAVA console and cross my fingers. I not a developer after all. And yes, I’m the guy family members and friends call on for help with their PC’s, even a server or two.

As you know, many people in these Comments section, have spent a lot of time mastering Java,
and they go ballistic at the simple suggestion.
Sorry, but you can not hide the truth anymore…

Java is a real security headache on most PCs…read the article above, and others in Krebs on Security.

Java on secured-servers is a different story.