How to Remove Old & Dangerous Versions of Java

Sun Java has become a popular attack target for hackers and criminals as it can be found on almost every PC.

Sun have responded by regularly releasing new versions that patch newly discovered vulnerabilities.

Unfortunately when you install a new version of Java the old one is not deleted. Sun does this just in case some old applications won't work with the latest Java version. In my experience, this is a rarity.

JavaRa is a free utility that will permanently remove all old and vulnerable versions of Java from your PC.  Usage couldn't be simpler: just download it and run it.

http://raproducts.org/

Afterward, double check that all versions are gone by running a free online scan with Secunia Software Inspector. This will not only check for old versions of Java but old and vulnerable versions of many other programs as well.

http://secunia.com/vulnerability_scanning/online/

Thanks to regular contributor Lex Davidson for suggesting this item.

Gizmo

Share this
3.923075
Average: 3.9 (13 votes)
Your rating: None

Comments

by drh2020 on 4. September 2012 - 15:02  (98754)

Just saw this today"

Raproducts has moved.

old web site
http://raproducts.org/wordpress/

new web site
http://singularlabs.com/software/javara/

Posted on January 20, 2012
JavaRa can now be found at SingularLabs. I have since moved on to other projects.

So it also looks like it is not getting updated. Not sure if I want to use this.

by sue (bill's email) (not verified) on 29. August 2012 - 5:15  (98444)

I find your website most helpful in many cases, and appreciate what you've accomplished - Thank you! However, I am a relative computer novice and, in reading the aforementioned posts about JAVA, I feel virtually illiterate. Translated = If you are willing to respond to this Long post, please keep it simple, assume I know nothing, and be patient. If only I was 40 years younger, I wouldn't be so embarrassed about my relative lack of knowledge, but I yam what I yam.

The issue with Java arose when I involuntarily changed to Firefox 14.0.1, and was checking my plug-ins. I am running Windows 7 64 bit on an XP notebook. What I've been able to discover about Java is as follows:

--I have Java 7 (TM) Update 5 (64 bit), as well as Java FX 2.1.0, Java Runtime Version: Platform 1.7, and Product 1.7.0__05
--When I open the Control Panel, click on Programs/Uninstall, Java has it's own area labelled "Java Control Panel" from Oracle, and has 4 areas:
General/Java/Security/Advanced
--When I tried to import the security certificate, after I finally found where it was supposed to be, I wasn't able to locate it. The "Import" the certification led me to a Temporary File area of my computer wherein one can set how much information should be saved in that area - noting "JAR FILES" (?!), and other things I've forgotten
--Secunia scans have not mentioned Java at all since the two installations, one in May, 2012, and one in June, 2012
--Jave Runtime Environment versus Settings (??) reveal the following:
http://java.sun.com/products/autodll/j2se
Path: C:\Program Files\Java\jre7\bin\javaw.exe

At this point, I am at a loss as to how to proceed, both in general, as well as regarding a Java plugin for Firefox 14. Must I have Java? Likely, I would say yes. Given that I do, would you be kind enough to advise regarding the following:

1. Should I keep the Temp File with the Java info in it, or set Memory to zero (Note: Default is like 500,000), and delete?
2. Should I delete either program? If so, just do it via the regular method (Control Panel, Uninstall programs)?
3. Should I add any Java products? If so, which ones? Currently, the Java plugin that was installed in Firefox has been disabled due to instability issues as this article notes. Should I have Java available in my computer programs or as a Firefox plugin, or both? Regardless, if it's best to have it as a plugin in Firefox, how do I rid myself of the outdated, disabled plugin, and get the plugin that I need?

Regrets for the length of this and, hopefully, it makes some sense. Thank you so very much in advance.

by Anupam on 29. August 2012 - 5:58  (98447)

Java is required only on some web sites, and not all. So, most probably, you won't even need it.

Also, at this time, I will advise you to remove Java from the system, as critical security vulnerabilities have been found in Java, which could compromise your system. Security analysts all over are advising people to uninstall Java. You can read more here :

http://www.reuters.com/article/2012/08/27/us-cybersecurity-java-idUSBRE8...

http://threatpost.com/en_us/blogs/researchers-identify-second-new-java-b...

You can remove Java from the Add/Remove menu in the Control Panel.

For more discussion, please register on site, and post in the Freeware Forum : http://www.techsupportalert.com/freeware-forum/

as having a discussion here is a bit tough. It will be better in the forum.

by JK (not verified) on 8. December 2010 - 21:31  (62223)

I can't stand Java right now. Even after trying Javara it still won't install anything. All I need is a delete any trace of Java button... Oracle, where are you with your answers this time??

by Anonymous on 30. May 2010 - 20:28  (50645)

I am using a program to access medical records that is compatible with Java 1.5.0_06-b05. This remote viewer is not compatible with the current version of java and the institution has no intent to upgrade.

I also use programs that require newer version of java to work.

As I understand it, some of the fixes repair security problems. I do use McAfee AV and its firewall.

Is there a way to switch back and forth to the older version only when I need it without uninstalling and reinstalling each time?

by Anupam on 30. May 2010 - 20:35  (50647)

Two versions of Java cannot stay together on the computer. You have to uninstall any one. Most of the updates fix the security issues, and therefore its advised to use the latest version.

by Anonymous on 30. May 2009 - 5:56  (22625)

If you follow the recommend practice of running Secunia Personal Software Inspector (PSI), then that will identify and warn you to remove old, unsafe versions of java (as well as other unsafe programs).

by Anonymous on 30. May 2009 - 11:49  (22650)

Not really. For instance, 6u14 is already blacklisted by PSI but developer tells you that "Users who have Java SE 6 Update 13 have the latest security fixes and do not need to upgrade to this release to be current on security fixes."

by Anonymous on 30. May 2009 - 12:52  (22657)

Ok, but is there any harm in installing 6u14 now, and if everything works OK, installing 6u13? Too soon is better than too late!

by Anonymous on 30. May 2009 - 12:54  (22658)

I meant *uninstalling* 6u13, sorry!

by Anonymous on 30. May 2009 - 5:57  (22626)
by Anonymous on 30. May 2009 - 2:56  (22615)

Hello,
If you are a serious computer user Gizmo is an angel for you. He works on the principle of Yagya which means living in a way similar to the natural cycles. May the Lord keep him hale & hearty. I am sure he is a favorite of the divine forces.
This particular software is wonderful.
thanks
Shandilya

by Anonymous on 11. May 2009 - 15:32  (21371)

Hi

I have a dell xps desktop that came with version 1.6.0.0 of java pre-installed (the website that checks what version of java is running on my pc only listed it as 1.6.0-oem).

If I upgrade from 1.6.0.0 to 1.6.0.13 (from Sun's website), will the newer version's "patch-in-place" feature effectively "remove" the older version OR do I still need to run JavaRa then check with Secunia PSI?

Thanks in advance.

by Anonymous on 19. April 2009 - 4:14  (20121)

Hello Everyone,

It is in response to query about software to unistall older versions of Java software.

I do not know if anybody already mentioned the following software

Software title: JavaRa 1.12
Developer: Paul McLain
For the latest version, visit http://raproducts.org/
This program is free software.
The software is tiny with options
1. to check update for java
2. Remove older versions
etc.

After removing older versions it will represent you with
****JavaRa 1.12 Removal Log in text file format.******

download size of zip file is: 68 Kb
after unzipping its approx. : 400 KB
No need to install the software as it is self-executing.

I have been using quite often after every java update since about an year without any problem.
I have checked the software with latest updated avast antivirus, Spybot search and Destroy and SuperAntispyware software and the software is clean.

I hope it helps.

Cheers

Nehal Trivedi

by Anupam on 19. April 2009 - 8:32  (20123)

The article itself writes about JavaRa ... did you even read it ?

Anupam Shriwatri, India

by Anonymous on 7. April 2009 - 20:20  (19482)

No relation, but speaking of "Gizmo" there is a program that has been redisigned to use only the currently installed Machine version of Java (PRIOR TO the recent past, they dropped their own version in their folders)

by tommyzulu on 19. February 2009 - 17:38  (16370)

The Link to http://raproducts.org/ does not seem to work!

by peter on 19. February 2009 - 17:40  (16371)
by Anonymous on 11. February 2009 - 21:46  (15860)

JavaRa: Make sure you install the .exe in the same folder as Java.

by Anonymous on 7. April 2009 - 20:00  (19476)

Currently for me, this would mean I need to install JavaRa in 8 seperate locations; The normal Windows locale, Booksmart, Lunascape5, GIMPshop/GKT+ (windows version), surprisingly Arduino (the oldest by far, version 1.4 !), TalkShoe, processing-1.0.1, Wolfram Research's Mathematica Player (and probably Mathematica itself?).

Ya, Mathematica - that surprised me too.

by Anonymous on 11. February 2009 - 15:54  (15832)

Al the comments listed are very feasible and all worked in the past. I downloaded the new version and it deleted all of the old versions on my computer. I was not sure if it had deleted them, but secunia did inform that they were removed. To double check I ran my javara and there was nothing there, so it appears that sun have indeed incorporated a removal program for old sofware.

by Anonymous on 11. February 2009 - 18:34  (15849)

Technically, there's no uninstaller built-in. What the installer now does is to update the pre-existing C:/Program Files/Java/jre6 directory with the new 6u12 content, and that's why Secunia doesn't detect previous versions. But this doesn't work with a static configuration. Anyway, let's see how feasible this is from now on...

by Anonymous on 10. February 2009 - 18:19  (15763)

#2 Rizar,
Have you tried using Duplicate Cleaner?
This may be too simple and a little naive, but say you install Java in two different places, then use Duplicate Cleaner to hard-link the 'proprietary' copy back to the generic one, thus the system thinks it's got two copies while your harddrive holds only one in real space terms.
Let me know if it works.
G

by Anonymous on 11. February 2009 - 0:45  (15795)

If you have 2 or more versions of Java installed Duplicate Cleaner will not detect any duplicates because the files are different. Not only that, but removing the old Java's just by deleting some files leads to corrupt installs and an inability to uninstall. Then there's the registry...

by Anonymous on 7. April 2009 - 19:55  (19475)

BY FAR the only thing to do is: Locate ALL versions of Java where installed for program compatibility, then COPY the most recent verion of the JRE/JDK DLLs ON TO the other older copies. This does work, and only in very rare circumstances will it not, but by then you are probably running an otherwise very secure machine that wouldn't even be connected to a network, let alone the internet (IOW for proprietary reasons).

Java installed affects the registry NONE WHATSOEVER, so that is not an issue. Well, it is not put in any part of the registry that would affect the running of java or any program needing java.

by Rizar on 10. February 2009 - 19:14  (15773)

Ah, that sounds like a good solution.
I actually sold off the encyclopedia fairly quickly after I didn't like how it was setup and when I saw that its online prices went high enough to make it worth selling (and they took it out of most stores for some reason).
I think it was the Britannica (blue box cover) if anyone has it around to try.
Rizar

by Anonymous on 10. February 2009 - 19:05  (15770)

OMG...!!!

by peter on 10. February 2009 - 19:06  (15771)

Care to elaborate?

by Anonymous on 10. February 2009 - 19:25  (15774)

Hm, I haven't read Rizar post...

by Anonymous on 10. February 2009 - 14:58  (15741)

I have seen a couple of applications that were unable to function with newer versions of Java where I work. They were both proprietary software apps written for in-house use.

With that in mind, it may be helpful for some if you listed a safe location to download an copy of older versions should they delete the only interface (unbeknownst to them) that allows their widget app to work and need to revert back. Just a friendly suggestion.

"I work for the State, I'm here to help."

Gizmos Needs You

Gizmo's Freeware is Recruiting

 We are looking for people with skills or interest in the following areas:
 -  Mobile Platform App Reviews for Android and iOS
 -  Windows, Mac and Linux software reviews       Interested? Click here