According to Oracle’s Security Alert for CVE-2012-4681 all systems running JRE 7 Update 6 and earlier are at risk. Those still running JRE 6 must also update to version 35 as all earlier versions are now listed as vulnerable. However, the exploit does not affect servers or standalone desktop apps, only web browsers. To prevent intrusion from happening now, and in the future, there’s two steps to take. The first is to disable Java plugins for all of your web browsers. The second step is to manually update the Java runtime environment on your computer to build 1.7.0_07-b10 (Update 7) or newer. Bad Version:

Good Version:

The update can be found on Oracle’s website in the official Java download center. While at the site click the Download button under the JRE column of the Java Platform, Standard Edition.

From the Download list, select the one that matches the Operating System you’re using. If you’re unsure whether you are running 32-bit or 64-bit, check out this guide. If you’re running Linux, we’ll just assume you know. 

Once the update downloads just run it and Click Install. It’s a one-click procedure, and it takes about one minute to complete.

Alright, hopefully this makes you feel more comfortable with your computer’s security! I know I feel a lot better not worrying about it anymore. With the update installed and plugins disabled, your system should be safe from Java exploits for the foreseeable future.

If you have already installed it, you can safely uninstall it and there’s a good chance that you wont even notice that its gone. If a website does ask you to install it again you can then decide if you really need that website feature and whether it warrants the extra risk from Java RTE. Unfortunately for me, I have a bunch of Java Apps which are used at work so I need it installed on my work machine…. For home, it’s gone baby! Comment

Δ