- The Role Of AI In Cybersecurity – Boon Or Bane?
- Less Than Half Of Cybersecurity Professionals Have A Plan In Place To Deal With IoT Attacks: Study
- Cyberattacks Go Up For Small Businesses Over The Past Year: Study
- Phishing And Credential Stuffing Attacks Remain Top Threat To Financial Services Organizations And Customers: Study
- IT-Based Attacks Increasingly Impacting OT Systems: Study
After the American government warned users of the security risk posed by
the recently discovered Java vulnerability that was being exploited in the
wild, Oracle quickly came into action and posted a security update within 3
days of the news spreading worldwide.
As we reported a few days ago about how an extremely critical Java exploit had forced the American government to issue an advisory to users asking them to disable Java in their browsers completely until a security patch is released. Realising the importance of this dire situation, Oracle acted quickly and released a security update called Java 7 Update 11 to users which fixes the problem which had created quite a havoc among security researchers. Though the problem has now subsided, experts are still urging users to stop using Java because of the increasing number of exploits that are being discovered in the technology.
Explaining further changes that are part of the update, the Oracle Security Blog said, “Oracle is switching Java security settings to “high” by default. The high security setting requires users to expressly authorize the execution of applets which are either unsigned or are self-signed. As a result, unsuspecting users visiting malicious web sites will be notified before an applet is run and will gain the ability to deny the execution of the potentially malicious applet.”
The blog states that this update be applied as soon as possible and also reminds users of the ability to disable the Java plugin from its control panel, ever since the feature was made available in update 10. The latest update for Java can be downloaded from here.
The recent events concerning Java show how weak Oracle’s efforts have been into making Java more secure on the desktop. While the programming language has been going quite strong on the server-side, desktop technologies like applets have been getting less and less secure by the day. Even developers are avoiding the use of Java applet stack since the past couple of years. Apple and Microsoft too have reacted in their own manner to the concerns related to Java that have been sprouting up these days. While Apple uninstalled Java completely by default from their Mac OS X systems a few months back, Microsoft has announced that it will release an out of band security update which fixes a bug allowing remote code execution in the Internet Explorer browser.
Ankit Mathur
I have a crush on Java, open source and linux. I also love flirting with almost all other stuff related to mobile and web technologies. Feel free poke fun at my articles and I tweet:
@ankitmth
I have a crush on Java, open source and linux. I also love flirting with almost all other stuff related to mobile and web technologies. Feel free poke fun at my articles and I tweet:
@ankitmth
