Posted almost 7 years ago. Visible to the public. Deprecated.

Disable the Java plugin in browsers to avoid drive-by attacks

Firefox and Chrome no longer support Java-like plugins.

Every now and then, Java is subject to security issues where code can break out of Java's sandbox and obtain more privileges than it should.
In almost all cases, such issues are actively being used for drive-by attacks via the Java browser plug-in, for example by malicious ad banners.

Since removing Java completely is not an option for us, make sure the Java plug-in is always disabled in every browser, even when you have updated Java on your machine.
Please remember to also check browsers inside your virtual machines.

Firefox:
  • The "How to turn off Java applets" guide basically says:
    Tools → Add-ons → Plugins → Disable the Java plug-in, if present.
  • You can visit about:plugins to check which plug-ins are currently enabled.
Chrome (deprecated - newer chromes do not support plugins anymore):
  • Visit chrome://plugins/. (Note that this is not the same as going to Settings → Extensions, since extensions and plugins are different things.)
  • Disable the Java plug-in, if present.
Opera:
Safari:
Internet Explorer:
  • Tools menu → Internet options → Programs → Manage Add-ons → Select the Java plug-in, if present, and disable it.
Growing Rails Applications in Practice
Check out our new e-book:
Learn to structure large Ruby on Rails codebases with the tools you already know and love.

Owner of this card:

Avatar
Arne Hartherz
Last edit:
9 months ago
by Henning Koch
Keywords:
unix, linux, ubuntu
About this deck:
We are makandra and do test-driven, agile Ruby on Rails software development.
License for source code
Posted by Arne Hartherz to makandra dev
This website uses cookies to improve usability and analyze traffic.
Accept or learn more