Posted over 7 years ago. Visible to the public. Deprecated.

Disable the Java plugin in browsers to avoid drive-by attacks

Firefox and Chrome no longer support Java-like plugins.

Every now and then, Java is subject to security issues where code can break out of Java's sandbox and obtain more privileges than it should.
In almost all cases, such issues are actively being used for drive-by attacks via the Java browser plug-in, for example by malicious ad banners.

Since removing Java completely is not an option for us, make sure the Java plug-in is always disabled in every browser, even when you have updated Java on your machine.
Please remember to also check browsers inside your virtual machines.

  • The "How to turn off Java applets" guide basically says:
    Tools → Add-ons → Plugins → Disable the Java plug-in, if present.
  • You can visit about:plugins to check which plug-ins are currently enabled.
Chrome (deprecated - newer chromes do not support plugins anymore):
  • Visit chrome://plugins/. (Note that this is not the same as going to Settings → Extensions, since extensions and plugins are different things.)
  • Disable the Java plug-in, if present.
Internet Explorer:
  • Tools menu → Internet options → Programs → Manage Add-ons → Select the Java plug-in, if present, and disable it.

makandra has been working exclusively with Ruby on Rails since 2007. Our laser focus on a single technology has made us a leader in this space.

Owner of this card:

Arne Hartherz
Last edit:
over 1 year ago
by Henning Koch
unix, linux, ubuntu
About this deck:
We are makandra and do test-driven, agile Ruby on Rails software development.
License for source code
Posted by Arne Hartherz to makandra dev
This website uses cookies to improve usability and analyze traffic.
Accept or learn more