The Protect IU Blog

    Unpatched Java Software a Big Problem

    According to a November 2011 Microsoft security blog post, "between one-third and one-half of all exploits observed in each quarter were Java exploits."  Our experience at the University has been that Microsoft patches get applied regularly, but third party software patching lags behind, exposing computers to exploitation.  There are a couple of things you can easily do, in addition to running anti-virus software and Microsoft Automatic Update to protect your computer and sensitive data.

    1. Install Secunia PSI from IUware Online.  This software will scan your computer for unpatched software and help you install the correct version.  IT Professionals looking for a version that runs with no user interaction should contact uiso@iu.edu.
    2. Use the Mozilla Plugin Check Page (http://www.mozilla.com/en-US/plugincheck/) to check web browser plugins like Adobe Flash and Sun Java for updates.  We blogged about this service previously.

    David Greenberg is a Principal Security Engineer in the University Information Security Office.