Need Help?

By Phone Icon

By Phone

IT Service Desk »
862-4242

Hours: (M-F)
7:30am - 5pm
 
In Person Icon

In Person

IT Support Center »
Level 3, Dimond Library

See website for hours
 
Chat with IT Support

Chat with IT Support

 
On the Web Icon

On the Web

Search UNH IT»
Contact Us »

Information regarding Java Vulnerabilities at UNH

Java Runtime Environment (JRE) Frequently Asked Questions

Updated 3-7-2013

A number of significant vulnerabilities have been identified on computers running the Java Runtime Environment software that pose serious security risks. The risks involve third-parties using this vulnerability to silently install malicious programs onto your computer, which may compromise your personal information, expose University resources, and harm the computer.

The vulnerabilities exist in current and previous versions of Java Runtime Environment (JRE) 6 and 7. As a precaution, UNH IT recommends non-Enterprise users to update their JRE software to the latest version to minimize the risks from unpatched vulnerabilities that are present in older versions. Please read the instructions and FAQs below for more information.

What is JRE and why do I need it?
Read more here

What is the vulnerability?
The identified versions of JRE7 allow malicious code to run on a computer without permissions or any notification to the user. Further details are available at the following sites:

I use Enterprise applications (Banner, WebI, Deski, FAMIS, Kronos, Appman). What should I do?
Enterprise applications users should install the version specified for your particular Enterprise application, located here.

I do NOT use Enterprise applications. Should I update my version of Java?
Yes, but you will first need to remove all older versions of JRE 5, 6 and older versions of JRE 7 and replace it with the current version of JRE 7.

Instructions for removing old versions of Java
Instructions for installing the latest version of Java
Information and System Requirements for using Java on Macintosh Computers

Note: When you are installing the software, be careful to deselect any optional add-ons (toolbars, browsers, etc).

I have a Macintosh computer?  Am I affected?  
According to information publicly available from Oracle, the issue affects all client installations of JRE regardless of operating system.  Macintosh users should use the instructions above to install the latest version of Java to their computers.

I have a Macintosh and I am having trouble using the VPN and/or Blackboard Collaborate.  What do I do?
In response to the latest vulnerabilities, on January 31, 2013, Apple released an update to disable native Java support on multiple versions of the Macintosh Operating System.  This affects the ability to use Java-dependent applications such as the VPN and Blackboard Collaborate.  Follow the directions below based on the version of Mac OS that you are running.

There may be multiple versions of Java installed on your computer, and the method to check varies slightly between versions of Windows.

How do I just update JRE? 
There is no particular update; an updated version is simply released by Oracle. Follow the instructions above to download and install the latest version of JRE.

Why should I uninstall older versions of JRE? 
Read more

How do I disable Java, or disable it for a specific browser? 
Instructions are located here

I already have JRE, and the Updater is prompting me to update to JRE7 Update 11. Is it okay to install this update? 
Yes, it is safe and recommended to get to the latest version of JRE.