Back in March and April, when the Java browser plugin was getting hammered with security holes that were being exploited in the wild, we conducted a couple of unscientific polls here on FOSS Force to determine how our visitors were handling this security crisis.
To call the problems that Java was experiencing at the time a “crisis” is not an exaggeration. If you’ll remember, the situation was considered so serious that [...]
Continue reading FOSS Force Poll: We Don’t Trust Oracle Or Java
We’re not ready to tell you we think it’s safe to reactivate your Java browser plugin–in fact, just the opposite–but we will say that Oracle is at least giving the appearance they’re now serious about addressing browser-side Java’s safety. Early last week they issued a security patch that fixed either 41 or 42 Java security issues, depending on what website you’re reading.
Excuse us if we don’t seem too impressed. At [...]
Continue reading Oracle Serious About Java Security–Maybe
Guess what? We’re hearing reports this morning that the black hats are continuing to take advantage of security vulnerabilities in Java. Of course they are. That’s what black hats do. We’re also hearing from security experts that browser side Java isn’t likely to be made secure in the near future.
Oracle’s management of Java since obtaining it from Sun has been nothing short of a joke. It’s about time for them [...]
Continue reading Java Remains Unsafe–Not Likely To Be Fixed Soon
It would seem that Oracle is getting serious about addressing security issues in Java. Late Monday the company pushed Java 7 Update 17 that fixes two security holes that were already being exploited in the wild.
The vulnerabilities addressed in Monday’s patch had been known since at least February 1 and were originally scheduled to be fixed in a scheduled security update in April, according to a security blog on the Oracle website:
Continue reading Oracle Patches 2 Java Holes–At Least 5 Remain
Those who thought it was safe to re-up Java on their browsers will need to go back and turn it off again.
If you listen to us, after you do you’ll never turn it back on. Browser side Java has been made pretty much obsolete by newer technologies, which means you don’t need it, especially since it’s proving to be about as easy to keep secure as ActiveX, sandbox or no. [...]
Continue reading Five, Count ‘Em, Five New Security Holes In Java