Millions of computer users were advised Friday to temporarily disable Oracle's Java software because of security weaknesses that make their machines vulnerable to everything from virus-infected websites to "ransomware," which often locks users out of their computers until they pay the perpetrators.
Oracle said it will issue a patch Tuesday that contains "86 new security vulnerability fixes." It added that "due to the threat posed by a successful attack, Oracle strongly recommends" that customers update Java on their computers with the patch as soon as possible.
Java makes it easy for software programs to run on most computers and websites, and it is widely used throughout the world.
In a warning Thursday, the Department of Homeland Security advised people to disable Java in Web browsers, presumably until Oracle is able to correct the problem. But some security bloggers have warned that disabling Java can be complicated.
Apple disabled newer versions of Java from its personal computers but will let its customers use the software again if they upload Oracle's fixes.
In addition, Mountain View, Calif.-based Mozilla said in a blog post that it has begun blocking Java on its Firefox browser unless someone clicks on a feature to activate the software. The click-to-play feature "allows users to enable the Java plugin on a per-site basis if they absolutely need the Java plugin for the site," the blog said.