All versions of Java 7, including the current Java 7 update 6, are vulnerable to the hole that is already being exploited in the wild. With the publication of a vulnerability notice by the US-CERT and warnings from the German BSI (Federal Office for Information Security), the best advice for all users is to disable Java applets in their browsers on all operating systems.
The vulnerability can be exploited when a user visits a specially crafted web site and can be used to infect a system with malware. The code to exploit the problem is already available on the internet, making its use for infecting systems very likely. There is no patch available for the flaw, so it is essential that users disable the Java plugins used by their browsers. Instructions for the various browsers can be found below:
- How to turn off Java Applets in Firefox
- Plugins in Chrome – refer to the Disable Specific Plugins section
- Disable Java in Safari