The Top 6 Things To Consider When You Install Java Software

Chris Hoffman 11-04-2012

Oracle’s Java runtime software is required to run Java applets The Wonder & Beauty Of Java Applets [Technology Explained] Read More on websites and desktop software written in the Java programming language. When you install Java, there are a few things you should consider, especially regarding security. Java is used by an ever-decreasing number of websites and is a frequent target of attacks.


Most people could remove Java and not notice a difference. If you do use Java, you should be aware of the security problems and take proper precautions. You’ll also need to know whether you need the Java Runtime Environment (JRE) or the Java Development Kit (JDK).

You May Not Need To Install Java

Do you use a specific website or program that requires Java? If not, you don’t actually need it installed. Java just allows you to run software written in Java, and you may be surprised by how few websites and programs actually require Java.

If you’re not sure whether you need Java, try going without it for a while. You may not notice the difference. As we’ll detail later, there are good reasons not to have Java installed — if you can help it. Even LibreOffice LibreOffice - A Free Office Suite For Windows, Linux & Mac Read More (formerly, doesn’t require Java for most of its functionality.


The main Java download website offers the Java Runtime Environment, also known as the JRE. This is the one you probably need. It includes the basic software that lets you run Java applets and desktop applications on your computer.

There’s also the Java Development Kit, also known as the JDK. This is what you need if you want to develop Java applications 2 Websites & 2 Apps That Can Help When Learning Java Programming There are plenty of people I know who'd like to know how to program, yet they're confused by how to start and what the general ideas of programming are. In addition, there are a large... Read More . Some development-related software, including the Android SDK How To Capture Screenshots With Your Android Mobile Phone Read More , also requires the JDK on your system. If you need the JDK, you’ll have to download it from Oracle’s website. The JDK also includes the JRE, so you only have to install one of them.


install java

Security Problems

The elephant in the room when it comes to installing Java is security. Browser plugins – particularly Oracle’s Java and Adobe’s Flash and PDF reader Adobe Reader X Adds Protected Mode for Windows Users, Android Gets New Features [News] Read More – are major targets. Java is a prime target because it’s installed on so many computers and exploits will work across multiple browsers and operating systems. Keeping Java updated doesn’t fully alleviate this problem – just having Java installed increases your browser’s attack surface.

Update Java Often

If you need Java installed, you’ll want to update it often. By default, Java checks for updates once every month – not a very reassuring default setting for a program that’s so frequently exploited. You can fix this, though.

To do so, open the Control Panel from the Start menu, click the Programs category, and click the Java icon.


install java software

Use the Advanced button on the Update tab to select a better update frequently, such as “Daily.”

install java software

If you see the coffee-cup-shaped Java Update icon and its notification in your system tray 5 Distracting Desktop Notifications & How To Turn Them Off [Windows] When you are working on a computer, it takes a fair bit of will power to resist the attempt to multitask. But even if you manage to restrain yourself, many programs manage to throw in... Read More , be sure to perform the update as soon as possible.


Some Software Requires Older Versions

Depending on the the software you use, you may not be able to run the latest, secure versions of Java. Some websites and applications specify a specific version of Java and force you to use an outdated, vulnerable version of Java. This is why it’s possible to have multiple versions of Java installed on the same system, although Oracle recommends against this.

Oracle maintains an archive where you can download older versions if you need to, while noting that they’re full of security holes and vulnerable to attack.

If you must run an older version of Java, make sure you have an antivirus The Minimalist Approach To Security Tools On Your Computer [Windows] A few years ago when Windows Vista was the OS of choice, I chose not to use an antivirus. Instead I relied on a couple of anti-spyware solutions, my router’s firewall and good old common... Read More installed, ask the application vendor or website for an update, and remove the old version of Java as soon as possible.

Installing Java Applets Can Be Dangerous

Web browsers and plugins such as Flash isolate web content from your computer. A website with a Flash-based video player can’t break out of your browser and tamper with your computer (barring security vulnerabilities). Java does the same thing for most applets, which it runs by default – but it also allows applets to prompt you for full permissions.


If you see a security warning box and click the Run button, your computer could be at risk. Think of clicking the Run button like downloading and installing an application onto your computer – it’s basically the same thing. Only do this if you trust the publisher.

install java

Be sure to check out our free, full guide to PC security: HackerProof A Universal Guide To PC Security From trojans to worms to phishers to pharmers, the web is full of hazards. Keeping yourself safe requires not only the right software, but an understanding of what kind of threats to look out for. Read More .

Do you use Java, or did you not even install Java on your computer? Let us know in the comments. If you have any other questions, feel free to ask those, too.

Affiliate Disclosure: By buying the products we recommend, you help keep the site alive. Read more.

Whatsapp Pinterest

Leave a Reply

Your email address will not be published. Required fields are marked *

  1. John Paul
    December 2, 2018 at 12:58 pm

    I want to know if java can be possible install To netbook and use it to create applications? How do I check it to make sure that it is possible to be install or not?
    Thank you.

  2. Robert
    April 10, 2016 at 9:05 pm

    I got that red box with the message as I was downloading a Java development kit, a few hours later my laptop wasn't running any programs eg chrome PowerPoint word. I was wondering wether this is the cause of them not running and if so how can I undo this.

  3. Shakir Abbas
    August 10, 2012 at 10:38 am

    I installed java software in PC but java applications does not run. Why?

    • Chris Hoffman
      August 13, 2012 at 8:28 pm

      There could be lots of causes for that problem.

  4. Chris Hoffman
    June 3, 2012 at 3:12 am

    I've explained my feelings toward browser plugins in a more recent article, for those of you who think I was off-base in this post: //

  5. ahmed
    April 18, 2012 at 5:10 pm

    please visit

  6. Harry
    April 13, 2012 at 4:50 am

    I opened the Java Control Panel and the Update tab is not there. I'm using Java 6 Update 31. Java reports this as the latest version. There's also a process: jusched.exe *32 running that I thought kept Java up to date.
    Is this article about Java 7? I do see Java SE 7u3 in the pic under JRE vs JKD section, so I'm not sure.
    Please advise. Thanks

    • Chris Hoffman
      April 14, 2012 at 7:51 am

      Hey Harry, check out Mike Degatano's comment in this thread for a solution.

  7. Fernando Cassia
    April 12, 2012 at 3:06 pm

    Wow, what a piece of crap. is now handled by the Apache Foundation, and called Apache OpenOffice.

    It will continue to use Java.

    The claim that "few programs" use Java is ludicrous, and shows your total ignorance of the java marketplace and the depth of -often open source- Java apps.

    I use several on a daily basis. But here are some: Bloom (Facebook photo uploader), Art of Illusion (3D modeling), Vuze (the Bittorrent client), jDownloader, jDiskReport, muCommander (file manager), jEdit, the Netbeans IDE, OmegaT (translation software), Earth3D, FreeMind (mind mapper-productivity tool), Frinika (music workstation), JShot (taking screenshots and uploading them to social sites), PowerFolder (cloud storage/sync), PetrusBlogger (blogging client for Blogger,Wordpress, etc), ProjectX (MPEG4 TS demuxer), UptheSync (Google Docs synchronizer/uploader written in Java), Burp Suite (security testing), jHome (home automation)
    [Broken URL Removed] (
    [Broken Link Removed]
    [Broken Link Removed]
    [Broken Link Removed]

    So much for your lie that "few software uses Java" huh? I just typed the ones I had on my system.

    But let's take a step further, let's search for software "written in Java" in Google Code: 75,000+ results

    and SourceForge: 128,000+ results

    Not only that, but the suggestion of "disabling Java" cripples one of Java's hidden gems for desktop cross-platform software: Java Web Start (JWS).

    I guess there are many interests promoting that people uninstall Java, starting with Microsoft, and Google, which promotes its cloud apps against which the Java paradigm, for some of us, has many advantages.

    To which of these you have connections -or perhaps you're speaking out of your ass- remains to be seen.

    PS: Finally, it's no surprise that Google sabotages Java with its browser, further from a validity claim, it shows there's a power play at stake. Chrome is the only browser that refuses to run JWS apps seamlessly, instead popping up the totally useless download manager when the jnlp file is run, worsening the end user experience.

    • Chris Hoffman
      April 14, 2012 at 7:49 am

      As I said on Google+:

      I'm getting really sick of people accusing me of having connections to companies because I publish something they disagree with. You seem to think I have some kind of malicious agenda, but in actuality we just disagree.

      As far as the merits of your argument, I'm sure lots of people use java programs on the desktop. Clearly you do. However, I don't (aside from the Android SDK, I guess). And my parents don't. And most people I know don't. They'd be better off with Java uninstalled, especially since I often see "average user" PCs with out-of-date Java plug-ins -- sure, install it if you need it, but if you don't use it, uninstall it. (Java running on servers and such is different.) That's all I said. I'd say the same as far as other plug-ins -- if you watch Netflix, install Silverlight. If not, get rid of it. One day we'll hopefully be able to all uninstall Flash, too.

      You obviously have a well thought out argument, so it's really tragic that you want to spew venom and attack me personally.

  8. Ron
    April 11, 2012 at 9:47 pm

    Wow. No idea how you managed to publish such a half-baked article. It's one thing to warn people of potential security risks, it's another thing to make them completely paranoid regarding Java applications.

    This may be fine to a very specific target audience, but I doubt this is the audience you address to. Even then, it should be more elaborated explaining that there's nothing to fear about Java more than there is to fear about basically any other application that you run on your computer (or web browser).

    This article is embarrassing. I implore people to take it under consideration and look for better resources.

    • Mike
      April 12, 2012 at 2:41 am

      I disagree with your view. This is a great article. They're simply pointing out the reality. And all these things are correct. Who wants to run software that's out of date? not me. And i'm sure you don't either. And this is specifically about _JAVA_!!

      • Ron
        April 12, 2012 at 2:43 am

        You basically just strengthened my argument.

    • gant
      April 12, 2012 at 2:41 am

      yes agree

    • Chris Hoffman
      April 12, 2012 at 5:43 am

      Do you have more specific objections? Is there anything here that isn't actually true?

      Browser plugins are the biggest security risk, let's be honest. While many people need Flash for a variety of websites, the Java plug-in isn't anywhere near as common. In fact, Google Chrome blocks Java from running by default and Google advises users to only run it on specific websites they trust ( source: )

      Browser plug-ins like Flash and Java are much bigger security risks than other types of software on your computer. Any website can access a browser plug-in, while other software -- say, a Windows game you've installed -- isn't accessible from every website. This dramatically increases your attack surface.

      The Flashback infection on the Mac, which is all over the media right now, was caused by a Java security problem.

      Many other websites are saying that "The best defense against this kind of attack is to remove the vulnerable runtime engine so that it can’t be exploited." (source: )

      Like it or not, browser plug-ins like Java are a big target, bigger than most other programs on your computer. Uninstalling any browser plug-in is a security win.

      • Mike Degatano
        April 13, 2012 at 4:04 pm

        Hey Chris just wanted to add two things. While I totally agree with you about the security risks of Java, you can actually head off all plugin problems in general in Chrome really easily. In the settings menu of Chrome under Plugins you can turn on "Click to Play". It's pretty fantastic since it blocks all plugins unless you click on them to start playing, really stops rogue websites cold since you would have no reason to play them unless you are on a site you trust.

        In addition you can set a flag or a setting (I forget which) to warn you when a plugin that is trying to run is out of date so you can update it before you do anything. Obviously this only applies to Chrome users but since there is a fair amount of them out there it's probably worth mentioning especially since it has very little downside (you can put exceptions for sites you use all the time so it doesn't slow you down at all), it solves problems for all plugins, and combined with Chrome's sandbox it makes a plugin attack extremely difficult if not impossible.

        Also it appears the Update tab you mentioned is removed from the latest version of Java's Control Panel (at least the 64-bit Windows one). I liked your idea a lot though (I actually develop in Java after all at work so even if I feel pretty secure why would I want to work in an old version of Java for up to a month) so I found a way to get it back. It involves the registry unfortunately making it a bit technical but it's pretty painless as far as registry hacks go.

        If you open up regedit and browse to HKEY_LOCAL_MACHINE\SOFTWARE\JavaSoft\Java Update\Policy there should be a string called "EnableJavaUpdate" that needs to be set to 1 for the tab to appear. If the string isn't there at all (it wasn't for me) just add a new string with that name and set it to 1. That made it appear for me, if it didn't for you you might have current user settings overriding it. There is a matching spot in HKEY_CURRENT_USER, check and see if it's set to 0 there (also if for some reason you only wanted to do this for you instead of everyone then only do it there and not LOCAL_MACHINE).

        My source is here, they were trying to disable the updating entirely but the trick works both ways :)

        Also if there is two posts from me I'm sorry, the first one disappeared so I wasn't sure if it posted.

        • Chris Hoffman
          April 14, 2012 at 7:51 am

          Thanks for the agreement, Mike. It's nice to see someone who uses Java that doesn't think this post was a personal attack.

          And thanks for providing all that information! Very useful.