Possibly because there are currently people actively exploiting known holes when Java is running in a web browser. The holes weren’t as important when they were not being actively exploited.
It also isn’t so much of a problem for applications running on the local computer outside of the browser where actually gaining access from the internet can be much harder and since that’s where most Java runs the latest problems provide a good time to promote disabling it in the web browser - which will assist in improving security overall.
Whatever holes exist in Java the hacker has to have acces to the environment it is running in to be able to exploit them. It is far easier to access Java running in a web browser than it is to access Java running elsewhere (whether on the server or on your local computer) as the browser provides them the access to Java where other security measures will normally block their access to Java running in other locations. They can’t exploit a security hole in Java if a firewall )or other security measures) prevents them accessing it.
Here we go with all the confusion between Java and javaScript – yippie!!!
That article should explicitly state that this does not mean turning off JavaScript because I’m sure that is what about 100% or the none/semi- technical crowd interpret the solution as.
Correct me if I’m wrong but any attempt to install software through Java applet would result in some type of prompt, right or no? I guess either way most people would probably click the prompt not thinking anything of it.
Watch all the articles creep up on how the web is broken when “Java” is turned off by the semi-technical crowd. Those who think they *know what they are talking about but haven’t got a clue. The first one will probably be something about Facebook…
