The US Department of Homeland Security has warned computer users worldwide to disable or uninstall Java from their web browsers because of "a serious security vulnerability" discovered by researchers and likely to be in use already by hackers.
More than 850 million PCs around the world use Java, and could be at risk.
Oracle, which owns and maintains Java, said it appears the vulnerability exists only in Java 7 - which is what most users have.
In a rare move, the US government warned computer users on Friday to disable the software to prevent hackers and malware writers from taking advantage of the zero-day vulnerability - which is currently being exploited in the wild.
The vulnerability could allow unauthorised installation of malicious software on machines, and a chain reaction. The malware could acquire personal information, which in turn would lead to identity theft.
Such malware also it typically used as hackers build a "botnet" of infected computers - a network of "zombie" machines that are used to carry out denial-of-service attacks on Web sites and networks.
Java owner Oracle said it is working on a fix, and it will be available "shortly". Java is free and easily installed on any computer at Java.com.
Java can be disabled in browsers on both Windows and Mac PCs. The Hong Kong website of ZDNet posted detailed instructions on how to perform disabling.
Click here for ZDNet Asia.
Latest stories in this category:
- China police billions spell profit opportunity
- Internet in 'coma' as Iran election looms
- Al-Jazeera in big gambit with planned US launch
- Yahoo Japan suspects 22m IDs stolen
- Yahoo! sets event amid Tumblr talk
- US seizes Bitcoin operator accounts
- 'Hatchet-wielding' Internet star arrested for murder
- Apple, US lawmakers in offshore tax showdown