First things first: Only download your software from proper, official websites. For example:
|Software||Proper download address|
|Java||www.java.com or java.com|
|Adobe Reader||www.adobe.com or adobe.com|
|Adobe Flash Player||www.adobe.com or adobe.com|
These are just three off the top of my head, for starters.
Never let yourself be tricked into downloading software, or updates for your existing software, from other sources than the original ones. It’s easier than you’d like to think to suddenly have a virus or other malware on your hands, instead of a new version of a program which you thought you were downloading.
Now to the chase:
Lately, as in the last couple of days, I’ve seen a warning pop up in my web browser now and then, saying my copy of Java is out of date and must be updated. Whether I accept or decline, it takes me to a webpage where allegedly I can download the latest version of Java. The website looks like this:
If you look at the address bar at the top you will notice that this is not www.java.com, which is the official site, but a different page called www.javainstall.org (link deliberately not working). This should set off warning bells (or preferably warning claxons). The page certainly looks legit, but the address is a clue that something is wrong. Do not download from there!
As far as I can tell, this fake update alert is triggered by ads on various websites. Truth to be told, I have not actually checked the offered download to see whether it contains malware, but I see no reason why it should be trusted.
This is the legitimate download site for Java:
Notice that the address bar says http://java.com which is the proper address (with or without the traditional “www.” at the beginning).
Even so, Java itself tends to tell you if it needs to be updated. Every time you start your computer, if Java is installed, it will check with java.com whether there is a newer version available, and if there is, you will get a message in the shape of a speak bubble above the system tray in the bottom right hand corner of the screen. Like this:
If you’re still in doubt, you can easily check with java.com whether the update alert is real. Go to java.com and click the “Do I have Java?” link below the big red Download button, which’ll take you to this page:
Complete the “Verify Java Version” test and follow the recommendations. Either you already have the latest version, in which case you need to do absolutely nothing, or you need to update it, and there’ll be a link to do that, too.
Safe surfing, folks! 🙂