In an earlier article I outlined how running Java can increase the opportunities for malicious hackers to compromise your computer.
There are several ways to protect yourself from these types of attacks, but one thing that’s essential – if you don’t want to completely eradicate Java from your computer – is to keep it updated.
They may be the bane of your digital life, but software updates are crucial to staying safe online, whatever operating system is installed.
First, let’s take a look at how you can check whether you’re running the latest – and safest – version of Java.
Checking your Java version
If you’re unsure about what version of Java you’re running, or whether you’ve got Java installed at all, head on over to the Oracle verification page.
Click on “Verify Java Version” to get started. You may be asked to allow a “Java Detection” applet from Oracle – click “Allow” to any prompts so your Java version can be checked.
If you’re running the latest version of Java, you’ll be met with a cheery success message. Otherwise, you’ll be provided with an alert instructing you to download an up-to-date version.
Updating Java
If you’re running Windows, your best bet is to open Control Panel and look for the “Java Control Panel” icon.
After clicking on the Java icon, visit the “Update” tab to force an update check and configure Automatic Updates.
Don’t worry, OS X users – the procedure is very similar for you. Open System Preferences and look for the “Java” icon to launch the Java Control Panel, and follow the steps above to manage your updates.
Removing Java
Although you can disable Java from running inside your browser, I would recommend a complete uninstallation if you want to rid your computer of it for good.
Conveniently, Oracle offer a set of straightforward uninstall instructions for users on Windows, Mac OS X and Linux distributions.
The exact steps required to uninstall Java seems to change each day. So, for the latest information, I’d recommend taking a look at the guide that Oracle provides for your operating system.
Of course, you should check with your company’s IT support team before making changes to your work computer.
Further reading:
- Plugins – yes, they’re handy but they also increase the surface of attack
- How to update Silverlight – or uninstall it completely!
- How to update Adobe Flash – or uninstall it completely!
It's important to realise that in Linux (and possibly other Unices it's just been a very long time since I've had a chance to use the others) you might have instead java-<version>-openjdk installed and that's for the system install of Java; then you might have icedtea-web for the Java plugin for websites. And then you won't necessarily have the same version as Oracle suggests. Importantly this doesn't mean you are out of date. Furthermore, taking a look at Java RPM on their website (inside it, I mean) they have it installed in a rather less standard location and then: what application will use which version (and the more versions you have the harder it is to keep track)? If you install any application through your package manager that uses java it'll most assuredly require the one from the repository (your package manager). Also, the Java website only has RPMs which has the following downsides:
1. Not a repository so updates aren't pulled.
2. Won't help non Red Hat based distributions (unless you know how to extract it but that sort of defeats the purpose of the package manager unless you convert it to your proper package manager format; even then #1 still exists).
Lastly: mixing these two different Javas (or anything actually) is only asking for trouble (in almost all cases and if you know when it works you know enough to fix problems that might arise).
Edit: Don’t forget 64 bit and 32 bit libraries/etc. are located in different directories. So if you do happen to follow the instructions on the Java website mind that there might not be the file they suggest (you’d have to download the correct version based on your OS install).