Oracle has released an update (Java Version 7 Update11) to fix some of the the critical Java vulnerabilities discovered late last week.
Due to the severity of these vulnerabilities and the reported exploitation, the University is at great risk through users' desktop and laptop computers.
Therefore it is absolutely imperative that Java, where installed, be updated as soon as possible.
If you are using the Java auto-update tool then you should have already received a message asking to install the update. If you have NOT seen this message and/or not installed the update, please do so ASAP by visitinghttp://java.com/en/download/installed.jsp - and then download and install the update.
You can read more about vulnerability by visiting: http://arstechnica.com/security/2013/01/critical-java-zero-day-bug-is-being-massively-exploited-in-the-wild/
Because this update only addresses a portion of the vulnerabilities, Information Technology Services (ITS) recommends that you only use the Firefox browser with the Java plug-in enabled to access ISU applications (e.g., MoodleISU, BengalWeb). All other Internet browsing should be done via another browser that has the Java plug-in disabled.
See the following link for instructions on how to enable or disable Java in various browsers: http://www.computeractive.co.uk/ca/step-by-step/2202858/how-to-disable-java-on-a-pc-mac-and-in-a-web-browser
If you have any questions or need assistance with any of the above updates or procedures, please contact the IT Service Desk.