Java, how we love to hate you! Many people have uninstalled Java and do not miss it. That is most likely because they do not have desktop applications that require Java. Unfortunately, that is not the situation for those people who use Java-dependent software programs.
Until recently, Internet Explorer was the only major browser that did not provide a way to disable Java. The only way to completely disable Java in IE was to disable Java through the Java Control Panel, which meant re-enabling Java when using Java-dependent programs. That is no longer true!
Microsoft released a Microsoft Fix it solution designed to block all Java web-attack vectors through Internet Explorer. As explained by Cristian Craioveanu in the below-linked Security Research & Defense Blog article, the Fix it solution is made up of two parts.
- The Fix It uses the Windows Application Compatibility Toolkit to change the behavior of Internet Explorer at runtime to prevent Oracle’s Java Web plugins from loading. As a result, the Java ActiveX dlls are not loaded.
- The second part of the Fix it clears the access control list (ACL) in the registry for the Java Network Loading Protocol (JNLP) handler which prevents Internet Explorer from automatically opening files.
InstructionsBefore installing the Fix it solution, please follow the following suggestions:
1. Create a restore point
- Windows XP: How to set a system restore point in Windows XP
- Windows Vista, Windows 7, Windows 8: Create a restore point
- (Note: For Windows 8, open the Windows Charms Bar by pressing Windows key + Q. In the Apps search Bar, type Restore Point, Create Restore Point.)
2. Back up the Registry
- Windows XP: How to back up and restore the registry in Windows XP
- Windows Vista, Windows 7, Windows 8: Back up the registry (Note: For Windows 8, open the Windows Charms Bar by pressing Windows key + Q. In the Apps search Bar, type regedit and press Enter to open Registry Editor.)
Disable the Java web-plugin
Apply Fix it
Restore the Java web-plugin
Uninstall Fix it
4. Restart Internet Explorer
For the changes to take effect, restart IE.
To undo the changes, run Microsoft Fix it 50995 and restart IE.
The Fix it solution has been tested by Microsoft and will work for all versions of Java from versions 5 and above. It also works on all supported versions of Internet Explorer, whether 32- or 64-bit.
- Security Research & Defense Blog: Java: A Fix it for when you cannot let go
- Microsoft KB 2751647: How to disable the Java web plug-in in Internet Explorer