Oracle’s Java is a common programming language – tiny Java programs can run inside a web browser to allow you to play some web based games (e.g. Runescape) or use online calculators etc.
It is installed as an add-on or extension into the web browser – many of our visitors still have it installed, even though it’s a safe bet that very few of them actually use or need it…
What’s The Security Issue With Java?
Security specialists Kaspersky have stated that 2 of the top 10 vulnerabilities on computers are caused by Java – vulnerabilities that could give the attacker full system access to your computer.
ESET (another respected security vendor) also reported on the risks inherent in having it installed (especially if it is not updated) and confirmed that the most frequently exploited target of viruses was Java.
And a Microsoft Technet article a few years ago noted: “The most commonly observed type of exploits were those targeting vulnerabilities in the Oracle Java Runtime Environment … between one-third and one-half of all exploits observed in each quarter were Java exploits“.
It is fair to say that most of these vulnerabilities had been addressed and fixed by Oracle – so if Java is up to date the situation is not as bad as the bleak picture these reports might suggest.
However, the overwhelming theme is that it is attacked so often because it has been installed on so many computers – why make yours a target if you don’t need it?
Should You Uninstall Java?
If you know that you need Java for particular websites, ensure that you keep it updated to minimize the risks – see why you should update Java.
For best protection, you could leave Java active in IE (Internet Explorer 11) and use that to visit only those specific sites that need it – use a more modern browser like Chrome or Firefox (where Java is disabled by default) for all your normal day to day web surfing.
If you don’t know if you need Java, disable it in your web browsers for a few weeks and see if any of the websites you visit most frequently complain about needing it – it’s unlikely they will because very few sites still use it…
If you find that you don’t need it then you could leave it disabled in all web browsers. But it would make much more sense to just uninstall it from your list of programs in the usual way – and you’ll never have to update it again.
Java is occasionally used by some other programs, not just web browsers e.g. the popular free LibreOffice (formerly OpenOffice) suite uses it for some advanced features, as do some specialized business apps.
But if you’re an average home user, you most likely don’t need Java at all nowadays – it’s a good few years since I visited a website that required it.