If you have been reading any of the technical publications online, you will probably know that there is currently an exploit in Java that affects most internet browsers like Chrome, Firefox, Safari and Internet Explorer on systems that have Java installed. This is being called a zero-day or 0-day exploit, which essentially means that there is a security vulnerability in an application that is so new (“day zero”) that the developers have not had the time or the opportunity to patch or correct the security issue. If you think about a disease outbreak, this is day zero of the outbreak and no vaccinations have been created yet.
This Java vulnerability is currently in the wild and affecting systems. The identified exploit allows for remote code execution, which means that if your system is vulnerable, an unauthorized and/or unauthenticated user can launch arbitrary code on your system without your knowledge. In some lab tests, security firm AlienVault Labs was able to use the exploit to launch the Windows calculator. This exploit is already in the hands of hackers around the world, and until Oracle, which now manages the Java code line, releases a patch or updates the software, it will remain a clear and present danger.
So, are you scared yet? You should be! The only way, currently, to prevent your system from being compromised is to fully disable Java in your browser. This is actually the recommendation from the United States Department of Homeland Security (US-CERT).
Here are some quick How-To’s for disabling Java in your browsers. Covered are Chrome, Firefox, Safari and Internet Explorer.
How to Disable Java in Chrome
In Google’s Chrome browser, you simply need to go to the URL Address bar (where you would type in a website address) and enter:
chrome://plugins
This will launch Chrome’s plugin manager. Scroll down that list until you see the Java listing:
Simply click the “Disable” link if it is currently enabled. I would recommend restarting Chrome when you are finished.
How to Disable Java in Firefox
Disabling Java in Mozilla’s Firefox is relatively easy as well. Just go to Tools > Add-ons from the Firefox menu:
Or if you are not using the Menu bar, just click on the Firefox menu and choose Add-ons:
Once you open the Add-ons menu, select Plugins. From there, scroll down to the Java listings. Note that there may be one or two plugins to disable. The screenshot below is from Windows where there are two. On my Mac, there is only one listed.
If the Java plugins are enabled, simply click “Disable.” Then restart Firefox for good measure.
How to Disable Java in Safari
Apple disabled Java a while ago but some people may still have it installed on their systems for one reason or another. Luckily the process to disable Java within Apple’s Safari is very easy. From Safari Preferences, choose the Security tab:
Under the “Web content” section, simply uncheck “Enable Java.” Then restart Safari just to be sure.
How to Disable Java in Internet Explorer (and all browsers in Windows)
One way to disable Java in Microsoft’s Internet Explorer is actually to uninstall the Java application from Windows altogether! But you can also disable it across all browsers in Windows, which would include disabling it in Internet Explorer. Note, the screen shots I have below are for the latest version of Java. In order to take the screenshots, I actually had to install the latest version of Java. I had Java 6 on one Windows machine and had to upgrade it to Java 7 in order to be able to access the Security pane of the Java application panel.
To disable Java on all browsers in Windows, go to Control Panel > Java (it might say “Java” or “Java (32-bit)” depending on your system). Then within the Java Control Panel, select the Security tab. From there, uncheck the box that says “Enable Java content in the browser” and click either OK or Apply.
If you are on Windows 8, you will have to search for the “Java Control Panel” (hit the Windows key plus W to search).
After making the change, be sure to restart Internet Explorer or any other browsers.
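The Control Panel checkbox can also be verified from disk, which helps when you need to check several Windows machines. The script below is an added example, not part of the original article. It assumes the setting is stored under the key deployment.webjava.enabled in the per-user deployment.properties file, as Oracle's deployment documentation describes; the sample file contents are constructed.

```python
import sys

# Property written by the "Enable Java content in the browser" checkbox,
# per Oracle's deployment documentation (assumption: not named on this page).
KEY = "deployment.webjava.enabled"

# Constructed sample of a per-user deployment.properties file.
SAMPLE = r"""#deployment.properties
#Mon Jan 14 09:30:00 2013
deployment.version=7.0
deployment.user.cachedir=C\:\\Users\\alice\\AppData\\LocalLow\\Sun\\Java\\cache
deployment.webjava.enabled=false
"""

def parse_properties(text):
    """Parse Java .properties text: comments, '=' or ':' separators, '\\' continuations."""
    props, pending = {}, ""
    for raw in text.splitlines():
        line = pending + raw.lstrip()
        pending = ""
        if not line or line[0] in "#!":
            continue
        trailing = len(line) - len(line.rstrip("\\"))
        if trailing % 2 == 1:          # odd count: value continues on the next line
            pending = line[:-1]
            continue
        for i, ch in enumerate(line):
            if ch in "=:" and (i == 0 or line[i - 1] != "\\"):
                props[line[:i].strip()] = line[i + 1:].strip()
                break
    return props

def browser_java_status(text):
    """Return 'disabled', 'enabled', 'enabled-by-default' or 'unknown'."""
    value = parse_properties(text).get(KEY)
    if value is None:
        return "enabled-by-default"    # key absent: Java uses its default (assumed enabled)
    return {"false": "disabled", "true": "enabled"}.get(value.lower(), "unknown")

if __name__ == "__main__":
    # Usage: python check_java.py <path to deployment.properties>
    text = open(sys.argv[1], encoding="latin-1").read() if len(sys.argv) > 1 else SAMPLE
    status = browser_java_status(text)
    print(f"{KEY}: {status}")
    sys.exit(0 if status == "disabled" else 1)
```

The exit code is 0 only when the plugin is explicitly disabled, so the script can be used in a login or inventory check that flags every other state.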
Checking to see if Java is Disabled
Once you make the changes that I have listed above, you probably want to quickly test out your browsers. The easiest way to do this is to go to the Java.com site and ask it to check what version of Java you have installed. You can do this by visiting Java.com and clicking on the link “Do I have Java?”
From that page, you can click on the “Verify Java Version” to see if Java is detected. This is the result that I get:
Hopefully this information was helpful and the steps were easy to follow. Please be sure to share this with your friends, family and colleagues so that they too can protect their systems. I’m sure that Oracle will release an update soon, so be sure to update your version of Java when they do!
HTD says: Be sure to implement protection when there are security threats!
2 Responses
I have been reading this for days now. Why is there no update from Java bla bla bla
I haven’t read about it as much, so I’d like to know what this security threat actually causes.
Does it monitor and intrude on any information exchange activity over the network? Is it able to peek into messages sent that have confidential information like financial information, bank transaction passwords, etc.?