Help on determining Java

[flipninja]

okay, so with this security vulnerability on java, I decided to check what version I have. When I do, it tells me I need java runtime. There is no java icon in system preferences, but there is "Java Preferences" in my utilities.

My question is do I have java installed? I did upgrade my macbook pro from snow leopard to lion 2 years ago.

and if its safe, can I just delete the java on my mac?

Thanks in advance

 

[GGJstudios]

You don't need to delete Java. Just make sure it's disabled in your browser until you're on a trusted site that requires it. Read the What security steps should I take? section of the Mac Virus/Malware FAQ for this and tips on practicing safe computing.

 

[bradl]

You don't need to delete Java. Just make sure it's disabled in your browser until you're on a trusted site that requires it. Read the What security steps should I take? section of the Mac Virus/Malware FAQ for this and tips on practicing safe computing.

I actually disagree and say that you *do* need to delete Java. It is absolutely possible to have installed and run multiple versions of Java. In fact, that is more of a feature that they have than a bug. So if you have a vulnerable version of Java installed, you could theoretically install the update that contains the fix, and still have a vulnerable version and fixed version on your machine, because the patched version will be in a different directory tree altogether. All it would take to switch between versions is changing the path to java, or the $JAVA_HOME variable.

To play it completely safe, I would say to delete/uninstall the vulnerable version of Java and then install the patched version.

Also, running a 'java -version' may come in handy, because the Java 7 vulnerability doesn't appear to be present in Java 6, though Oracle will stop committing updates to Java 6 sometime this year, leaving whatever vulnerabilities it has completely open forever.

BL.

 

[flipninja]

You don't need to delete Java. Just make sure it's disabled in your browser until you're on a trusted site that requires it. Read the What security steps should I take? section of the Mac Virus/Malware FAQ for this and tips on practicing safe computing.

But I could uninstall it right? Sorry, I'm not too familiar with java and I don't know if removing it could pose a security threat.

----------

I actually disagree and say that you *do* need to delete Java. It is absolutely possible to have installed and run multiple versions of Java. In fact, that is more of a feature that they have than a bug. So if you have a vulnerable version of Java installed, you could theoretically install the update that contains the fix, and still have a vulnerable version and fixed version on your machine, because the patched version will be in a different directory tree altogether. All it would take to switch between versions is changing the path to java, or the $JAVA_HOME variable.

To play it completely safe, I would say to delete/uninstall the vulnerable version of Java and then install the patched version.

Also, running a 'java -version' may come in handy, because the Java 7 vulnerability doesn't appear to be present in Java 6, though Oracle will stop committing updates to Java 6 sometime this year, leaving whatever vulnerabilities it has completely open forever.

BL.

When I do run the terminal, that's when the runtime pops up. But If I just remove it once and for all and not reinstall it, is that safe?