Java is a popular computing platform, but lately, Java is blamed for its security vulnerabilities. It is recommended by many to disable or completely uninstall Java. However, there are applications and web pages that require users to run the Java programs, and this necessitates the need to protect your system from the Java security threats. Java security vulnerabilities, which you read about almost every other week, can lead to data leaks and can cause unexpected behavior and system crashes.
Using Java securely on Windows 10
In case you need to use Java and you are running Java on your system, it is necessary to follow certain best practices to safeguard your computer. In this article, we provide some tips for using Java securely on Windows systems.
Enable the latest Java version
It is recommended to enable and use the latest version of Java to avoid the security threats causing unexpected behaviors on the system. Enabling the latest Java version will provide the user the benefit of the latest security patches and enhancements. Follow these steps to enable the latest Java version
Go to Start and open Control Panel.
In the Control Panel, click on Java icon to open the Java Control Panel.
Navigate to Java tab
To open Java Runtime Environment settings click on View button.
Check the Enabled option to permit the latest Java Runtime version.
Click on OK button to apply the setting changes.
Click OK in Java Control Panel to confirm the changes.
Now run the Java program embedded in a web browser (applet) to verify if the latest version of Java is installed in your computer.
Set the security level within Java Control Panel
Several times an untrusted Java application by the unknown publisher is included in the webpage. So, whenever a user opens these web pages, the insecure Java will run on your system. In order to get the prompts before running such untrusted Java application or completely block that application, it is required to set the security levels either Medium or High or Very High within the Java Control Panel. If you set the security level for application as Very High, then, only Java application certified by a trusted authority will be allowed to run only when the revocation status of the certificate is verified. If the security level for an application is set High, then Java application certified by a trusted authority will be allowed to run even if the revocation status of the certificate is not verified. If the security level for an application is set Medium, then your system is highly vulnerable to security attacks. Selecting this option will only block the unsigned application. Follow the below steps to set the security levels in the Java Control Panel.
Go to Start and open Control Panel.
In the Control Panel, click on Java icon to open the Java Control Panel.
Navigate to Security tab.
Click on the radio button to select the desired security level.
Click on Ok to apply the changes.
Use Security prompts before running the Java application on Browser
Before running any Java applet, a security prompt appears with the message displaying the risk factors. The security prompt asks users for the confirmation before opening them on a browser. For example, Java prompts with the images like Java or publishers logo and Blue information shield, represents the lower security risk, whereas, the Java prompt with images like yellow warning triangle and yellow warning shield, represents a higher security risk. It is recommended not to run the Java application that is prompted by the high-security risk. On a related note, users are recommended to make an informed decision before running any Java application. If you are running a Java application with a certificate from the trusted authority, you need to verify information like Name, Publisher, and location on the dialog box, and, if the information doesn’t match, users should hit the Cancel button to avoid any security vulnerabilities.
Restore the security prompts periodically
Java users are given an option to hide the prompts, but to build a secure environment, it is necessary to restore those hidden prompts periodically. Restoring the security prompts helps to review the applets and make an informed decision whether to run an application or not. Restoring the security prompts will make sure that the security prompt is displayed as soon as users open the application. Follow the below steps to restore the previously hidden security prompts.
Go to Start and open Control Panel.
In the Control Panel, click on Java icon to open Java Control Panel.
Navigate to Security tab
Click on Restore Security prompts.
Click on Restore All button in the confirmation window.
Enable automatic Java Updates
Java Updates are necessary to keep your system up to date with the new versions of Java. Below steps guides in checking for Updates automatically.
Go to Start and open Control Panel.
In the Control Panel, click on Java icon to open Java Control Panel.
Navigate to Update.
Enable the option with Check for Updates Automatically.
Click on OK to apply changes.
Stay safe!