SecurityGarden

  • Subscribe to our RSS feed.
  • Twitter
  • StumbleUpon
  • Reddit
  • Facebook
  • Digg

Sunday, June 16, 2013

Microsoft Fix it to Disable Java in Internet Explorer

Posted on 5:30 PM by Unknown
java

Java, how we love to hate you!  Many people have uninstalled Java and do not miss it.  That is most likely because they do not have desktop applications that require Java. Unfortunately, that is not the situation for those people who use Java-dependent software programs. 

Until recently, Internet Explorer was the only major browser that did not provide a way to disable Java.  The only way to completely disable Java in IE was to disable Java through the Java Control Panel, which meant re-enabling Java when using Java-dependent programs.  That is no longer true!

Microsoft released a Microsoft Fix it solution designed to block all Java web-attack vectors through Internet Explorer.  As explained by Cristian Craioveanu in the below-linked Security Research & Defense Blog article, the Fix it solution is made up of two parts. 
  1. The Fix It uses the Windows Application Compatibility Toolkit to change the behavior of Internet Explorer at runtime to prevent Oracle’s Java Web plugins from loading.  As a result, the Java ActiveX dlls are not loaded.
  2. The second part of the Fix it clears the access control list (ACL) in the registry for the Java Network Loading Protocol (JNLP) handler which prevents Internet Explorer from automatically opening  files.  

Instructions

Before installing the Fix it solution, please follow the following suggestions:

1.  Create a restore point
  • Windows XP: How to set a system restore point in Windows XP
  • Windows Vista, Windows 7, Windows 8: Create a restore point
  • (Note:  For Windows 8, open the Windows Charms Bar by pressing Windows key + Q.  In the Apps search Bar, type Restore Point, Create Restore Point.)

2.  Back up the Registry
  • Windows XP: How to back up and restore the registry in Windows XP
  • Windows Vista, Windows 7, Windows 8: Back up the registry (Note: For Windows 8, open the Windows Charms Bar by pressing Windows key + Q.  In the Apps search Bar, type regedit and press Enter to open Registry Editor.)
3.  Apply the Fix it

Disable the Java web-plugin

Apply Fix it
Restore the Java web-plugin
 
Uninstall Fix it
Microsoft Fix it 50994
  Microsoft Fix it 50994
Microsoft Fix it 50995
  Microsoft Fix it 50995 

4.  Restart Internet Explorer
For the changes to take effect, restart IE.

To undo the changes, run Microsoft Fix it 50995 and restart IE.

The Fix it solution has been tested by Microsoft and will work for all versions of Java from versions 5 and above.  It also works on all supported versions of Internet Explorer, whether 32- or 64-bit.


References

  • Security Research & Defense Blog: Java: A Fix it for when you cannot let go 
  • Microsoft KB 2751647: How to disable the Java web plug-in in Internet Explorer

Home
Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Email ThisBlogThis!Share to XShare to Facebook
Posted in FixIt, IE10, IE6, IE7, IE8, IE9, Java, Security, tutorial | No comments
Newer Post Older Post Home

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Popular Posts

  • Security Bulletin Advance Notice for August, 2013
    On Tuesday, August 13, 2013, Microsoft is planning to release eight (8) bulletins.  Three of the bulletins are identified as Critical with f...
  • Critical Out-of-Band Update Released for MS10-046
    Microsoft released Security Bulletin MS10-046 out-of-band to address a vulnerability in Windows. The security update is identified as crit...
  • Hotmail Security to Protect and Recover Your Account
    Time and time again I see reports from Hotmail users who have lost control of their e-mail account.  As explained by Walter Harp, Director o...
  • Long Awaited Outlook.com Calendar Refresh Rollout
    The long-awaited Outlook.com calendar refresh has been released and is in the process of being rolled out. Because the servers are grouped i...
  • Microsoft Security Advisory 2269637 Released
    Microsoft released Security Advisory 2269637 which relates to a remote attack vector to a class of vulnerabilities affecting applications t...
  • Oracle Java Update
    Oracle released the Java SE 7u40 today.  In addition to bug fixes and enhancements, the update includes the following: advanced monitoring ...
  • Adobe Reader Security Updates
    Adobe has released security updates for Adobe Reader and Acrobat XI (11.0.03) and earlier versions for Windows and Macintosh. Adobe identif...
  • Advance Notice: Security Updates for Java SE
    The Sun Security Blog published the following update announcement: "On November 3, 2009, Sun will release the following security update...
  • Adobe Flash Player and Adobe Air Security Updates
    Adobe released updates to both Adobe Flash Player and Adobe AIR to correct a critical vulnerability in both products. From the Adobe Securi...
  • Waledac Botnet Takedown
    The Waledac botnet had the capability of sending 1.5 billion spam e-mails per day. During a three-week period in December, 2009, approximat...

Categories

  • Adobe
  • Advisory
  • Amero
  • AntiVirus
  • Apple
  • Ask
  • AVG
  • Bing
  • Browser
  • Child Safety
  • email
  • ESET
  • Ethics
  • Facebook
  • Firefox
  • Firewall
  • FixIt
  • Fraud
  • General
  • Google
  • Hotmail
  • IE10
  • IE6
  • IE7
  • IE8
  • IE9
  • Java
  • Lavasoft
  • malware
  • Microsoft
  • Microsoft Apps
  • Mozilla
  • MVP
  • NCSAM
  • Office
  • Office 2007
  • Office 2010
  • Opera
  • Outlook.com
  • Phishing
  • Privacy
  • safety
  • Search
  • Security
  • Service Pack
  • SkyDrive
  • Skype
  • Software
  • SP1
  • sp2
  • SP3
  • Spotlight
  • Sumatra
  • tutorial
  • UAC
  • Updates
  • Vulnerabilities
  • Windows
  • Windows 7
  • Windows 8
  • Windows Live
  • Windows Live OneCare
  • Windows Vista
  • Windows XP
  • WinPatrol

Blog Archive

  • ▼  2013 (93)
    • ►  October (2)
    • ►  September (8)
    • ►  August (9)
    • ►  July (5)
    • ▼  June (8)
      • Mozilla Firefox 22.0 Released with Critical Securi...
      • Critical Oracle Java Security Update
      • Linked Accounts Being Eliminated from Outlook
      • Microsoft Fix it to Disable Java in Internet Explorer
      • Adobe Flash Player and AIR Security Update
      • Microsoft Security Updates for June 2013
      • Transition to Outlook from Hotmail
      • Security Bulletin Advance Notice for June 2013
    • ►  May (7)
    • ►  April (15)
    • ►  March (9)
    • ►  February (16)
    • ►  January (14)
  • ►  2012 (98)
    • ►  December (7)
    • ►  November (6)
    • ►  October (11)
    • ►  September (5)
    • ►  August (10)
    • ►  July (8)
    • ►  June (12)
    • ►  May (7)
    • ►  April (12)
    • ►  March (6)
    • ►  February (6)
    • ►  January (8)
  • ►  2011 (130)
    • ►  December (8)
    • ►  November (10)
    • ►  October (7)
    • ►  September (12)
    • ►  August (9)
    • ►  July (6)
    • ►  June (13)
    • ►  May (14)
    • ►  April (13)
    • ►  March (15)
    • ►  February (10)
    • ►  January (13)
  • ►  2010 (146)
    • ►  December (10)
    • ►  November (15)
    • ►  October (19)
    • ►  September (15)
    • ►  August (14)
    • ►  July (8)
    • ►  June (19)
    • ►  May (5)
    • ►  April (11)
    • ►  March (6)
    • ►  February (14)
    • ►  January (10)
  • ►  2009 (33)
    • ►  December (11)
    • ►  November (11)
    • ►  October (11)
Powered by Blogger.

About Me

Unknown
View my complete profile