Honestly, it feels like every other day The Register reports that another vulnerability has been found in Java, and these articles tend to recommend uninstalling Java as soon as humanly possible if you don't need it.
Unfortunately, most of us in Ireland simply have to have Java installed on our computers for online filing of tax returns over ROS, the Revenue Online Service from the Revenue Commissioners, for Bank of Ireland business banking, and for many other websites.
Java attacks are very dangerous and normally involve some sort of phishing attack or dodgy attachment, e.g. you click on a link in Twitter or Facebook, the website you visit calls Java from your web browser, and the attack escalates to run a piece of malicious code on your computer.
Apart from uninstalling Java, which is not always possible, some steps you can take to limit your exposure include:
- Switch to Google's Chrome browser (Chrome's security is generally considered to be better than competing browsers, and its security features include automatic updates, sandboxing, which is highly effective against malware, and other advanced security settings).
- Keep Java patched - Many of the Java vulnerabilities in the wild target older versions of Java. Patching Java can be difficult when automatic updates fail; if this happens, you can visit Java.com to manually update to the latest version.
- Run Java in a virtual machine such as VMware Workstation 9 or VirtualBox.
- Train your team members to recognise phishing attempts and secure their online presence - this excellent article from the Malwarebytes blog is a good place to start, and also this one about password security.
- Set Chrome to ask for confirmation before it runs Java (Chrome -> Settings -> Privacy -> Plugins).
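
One way to check the "keep Java patched" step on each machine, as an added example that is not from the original post: it parses the banner printed by `java -version` and flags anything older than a baseline you choose. The function names, sample banners and baseline value are constructed for illustration; set the baseline to the release currently listed on Java.com.

```python
import re
import subprocess

# Placeholder baseline (constructed): (major, minor, update). Replace with the
# current release listed on Java.com before using this in an inventory check.
BASELINE = (7, 0, 15)

_BANNER_RE = re.compile(r'version "([^"]+)"')
# Legacy scheme, e.g. 1.7.0_11 -> major 7, minor 0, update 11
_LEGACY_RE = re.compile(r'1\.(\d+)\.(\d+)(?:_(\d+))?(?:-.*)?')
# Newer scheme, e.g. 17.0.2 or 11.0.16.1 -> first three numeric fields
_MODERN_RE = re.compile(r'(\d+)(?:\.(\d+))?(?:\.(\d+))?(?:[.\-+].*)?')


def parse_java_version(banner):
    """Return a comparable (major, minor, update) tuple, or None if unparseable."""
    found = _BANNER_RE.search(banner or "")
    if not found:
        return None
    raw = found.group(1)
    match = _LEGACY_RE.fullmatch(raw) or _MODERN_RE.fullmatch(raw)
    if not match:
        return None
    return tuple(int(part or 0) for part in match.groups())


def needs_update(banner, baseline=BASELINE):
    """True when the version is below the baseline or cannot be determined."""
    version = parse_java_version(banner)
    return version is None or version < baseline


def local_java_banner():
    """Return the local `java -version` banner, or None if Java is not on PATH."""
    try:
        result = subprocess.run(["java", "-version"], capture_output=True, text=True)
    except FileNotFoundError:
        return None
    # The JVM writes its version banner to stderr, not stdout.
    return result.stderr + result.stdout


if __name__ == "__main__":
    banner = local_java_banner()
    if banner is None:
        print("Java not found on PATH")
    else:
        status = "UPDATE NEEDED" if needs_update(banner) else "ok"
        print(parse_java_version(banner), status)
```

An unparseable banner is reported as needing an update so that an unknown install is reviewed by hand rather than silently passed.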