A vulnerability in Java, a programming language used in many applications and installed on most computers on the K-State campus, is being actively exploited on the Internet to take over control of computers. K-State’s network is being attacked many times a day, looking for computers to compromise via this vulnerability in Java, and at least three K-State computers have been compromised recently by this exploit. This vulnerability affects version 6 Update 23 or older of the Java Runtime Environment (JRE).
K-Staters need to:
- Update JRE in Windows to the latest version, which at the time of this writing is 6 Update 25 (Update 24 actually fixed the bug, so that version is safe too). You can get the latest version from Oracle’s Java website, or update it from the Java Control Panel in Windows.
- Configure Java to automatically check for and download updates in that same control panel. If configured for automatic updates, the Java icon (above) will appear in your system tray (usually in the lower right corner of the screen) to alert you that an update needs to be installed.