A few (5?) days ago, the U.S. Department of Homeland Security urged PC users to disable the program (Java) because of bugs in the software that were being exploited to commit identity theft and other crimes.

For those interested, a report of that notice is at US warns on Java software as security concerns escalate.

A new report, just posted yesterday indicates that Oracle has released a patch, but warns that the patch is not a complete fix for the vulnerability.

The latest report is at Despite Java update, security experts say bugs remain.

Security advisors continue to recomend that Java be removed or disabled, whether or not the patch is applied.

Some time ago, Oracle warned that older Java versions were "highly vulnerable" and released newer versions. With prior updates it was common to find Java applications that required an obsolete version so many people kept multiple ones in their browsers with only one (or none) enabled, in case they ran into something that needed an older version. At that time, we were assured that the latest version was "fully backward compatible" and were advised to remove all older versions. Even then, it was recommended by most security advisors that the Java utility should be disabled except when needed.

At about that time, or possibly a little before, reports are that Apple removed all old versions from their supported machines.

I personally followed instructions, removed all the old ones, downloaded the latest version "just in case I needed it," and disabled it.

When I checked at the time of the Homeland Security warning (first link above) I found that there was no Java in tools on my Internet Explorer, although I haven't checked to see when it was "disappeared."

It's likely that most Windows users will also find that Microsoft updates have removed Java (but maybe only if it was turned off at the time of the update?). It would be suggested that everyone take a look at whether or not it's still there in their browsers.

In IE, Tools | Manage add-ons or the little "sprocket"|Manage add-ons will get you to the right place. The default is to display "currently loaded" so you have to roll down to get "all add-ons" to make sure whether it's there. If it's present, some Java uses can turn it on/off when needed, with or without notifying you, so it needs to be completely gone if you don't want it to pop up.

SECOND SUBJECT:

Also worth noting is that Microsoft issued an "out of sequence" (Emergency) patch for Internet Explorer yesterday. You should get it automatically if you get automatic updates. This patch applies only to IE8 and older. Windows 7 users should already have IE9 and Win8 people should have IE10, and will not be affected; but some older OS versions can't use the latest IE releases and should get the patch.

John