Disabling Java in Internet Explorer: No easy task

Firefox, Chome, and Safari let you. But short of a complex, CERT-documented process, there's no reliable way to disable Java in IE

Page 2 of 2

That has to make you wonder -- at least, it makes me wonder -- whether there are other tricky methods for invoking Java in Internet Explorer, even after the CERT fixes have been applied.

The one bright spot in all of this? CERT has a .reg file that you can download to apply the changes necessary to cut off Java in IE. CERT also recommends that you manually remove two files, which can be located in a variety of different locations on Windows computers.

(Worth repeating: This admonition only applies to running Java inside a Web browser. Java on your desktop -- for running Base and a few other parts of LibreOffice, for example, or Minecraft -- is an entirely different kettle of fish. And Java on the server has nothing to do with Java in a browser. JavaScript is likewise completely different.)

Many of you need to run Java in a specific version of IE because your company's core apps require it. For you, the best advice is to turn off Java in any other browser you may be using, and go to that other browser for general Web surfing. Only bring out the IE problem magnet when you absolutely have to run Java. Then get out of it as soon as you're done.

Rob VandenBrink at the Internet Storm Center has an interesting recommendation that involves changing the "user agent" string on devices -- especially mobile devices -- and monitoring your outbound network activity for those custom strings. In addition to monitoring the cows after they're out of the barn, "watching the agent strings that are logged going outbound can be a good way to find those mouldy-oldy computers that got installed 6 (or 10) years back and haven't been updated in a while, if ever."

One question keeps coming back to me: If it's so easy to disable Java in Firefox and Chrome, why is it so difficult -- maybe even impossible -- to disable it in Internet Explorer?

With apologies to Jack Daniel, companies need to stop building new browser-based Java apps and start the long migration to a more reliable option. It's up to IT to take the initiative and kill browser-based Java dead, dead, dead.

And it wouldn't hurt if Microsoft would build a turn-off-the-add-on switch into IE -- one that works.

This story, "Disabling Java in Internet Explorer: No easy task," was originally published at InfoWorld.com. Get the first word on what the important tech news really means with the InfoWorld Tech Watch blog. For the latest developments in business technology news, follow InfoWorld.com on Twitter.

| 1 2 Page 2