Rik's Ramblings

Tuesday, November 19, 2013

When did Java become the LEAST secure part of the web browser?

If I remember rightly, back in 1997 we used java to make remote code execution more secure. Now it seems Java is the last thing you least want to enable in your browser if you want to be secure.

Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply CPU fixes as soon as possible. Starting Oct 2013, the Java SE Critical Patch Update will be released quarterly every year as per the main Oracle Critical Patch Update Schedule. This Critical Patch Update contains 127 new security fixes (including 51 Java fixes) across the product families listed below...

See also:
Oh, and baby, do we have one today. This is - you want to be at Java 7, Update 45. That's the newest one. Fifty-one security vulnerabilities, all but one of which are remotely exploitable without any authentication.


Post a Comment

<< Home