REDWOOD SHORES, Calif. (TheBlaze/AP) — Even though Oracle released a fix for the flaw in its Java software that raised an alarm last week, the U.S. Department of Homeland Security is still warning people against using it.
Late Thursday, the federal agency recommended that Internet users disable Java software in Web browsers to avoid potential hacking attacks.
Java allows programs to run within websites and powers some advertising networks. Users who disable Java may not be able to see portions of websites that display real-time data such as stock tickers, news, weather updates and ads.
Oracle says the patch was released Sunday. The company recommends that users update Java immediately. The patch sets Java’s default security level to “high” so it prompts users and gives them a chance to decline malicious software before it loads onto their computers.
But on Monday DHS said in a statement that it didn’t fix all the vulnerabilities.
“Oracle Security Alert CVE-2013-0422 states that Java 7 Update 11 addresses this (CVE-2013-0422) and an equally severe vulnerability (CVE-2012-3174). Immunity has indicated that only CVE-2012-3174 is addressed with this update,” the DHS statement read.
Watch CBS’s report after DHS’ initial warning regarding the vulnerability: