Friday,31 January, 2025

Subscribe to Newsletter
HOME
 		  NEWS
 		  Knowledge Center
 		 
News

If You Do Not Really Need Java, Get Rid Of It

Published Sep 10, 2012


Got Java? Even if you've applied the urgent out-of-band patch from Oracle, you may want to disable or uninstall Java itself. It turns out that the patch has its own flaws that make Java vulnerable to new attacks.

According to security experts, Oracle's Java patch resolves the multiple "zero-day" vulnerabilities currently being exploited by attacks in the wild. However, it also leaves open a vulnerability--which was discovered and reported to Oracle earlier this year--that could allow an attacker to bypass the Java sandbox protection and execute malicious code on the target system.

Oracle's Java has become the new low-hanging fruit. Attackers used to target Adobe products as the weak link in the security chain, but Adobe has worked diligently to improve the security of its products, and--more importantly--the speed and predictability of its patches and updates. As a result, the focus has shifted to Oracle, and Oracle seems ill prepared to respond.

The alleged zero-day flaws exploited by attackers aren't truly "zero-day." The vulnerabilities were discovered and reported to Oracle in April. Oracle ostensibly planned to address them at some point--hopefully in the routine update scheduled for this fall. It seems evident that leaving critical flaws open for months gives attackers too much time and leaves customers at a distinct disadvantage.

Security Explorations--the Polish security researchers who raised the alarm over the flaw contained in the new Java patch--says that Oracle has quite a few more unpatched vulnerabilities on its plate. Out of 29 issues reported to Oracle this year, 25 of them are yet to be addressed.

You should definitely have some sort of anti-malware or general security tool in place across all of your devices--Windows and Mac PCs, smartphones, and tablets. Security tools can often detect unknown threats by identifying certain malicious behaviors, and security vendors are generally much faster at responding to detect and block new threats to protect you while you wait for a patch for the affected products.


Rate This:

Posted by VMD - [Virtual Marketing Department]

Poll
What is your favourite search engine?
Google
Yahoo
Bing

Most Viewed
  Riverbed Launches Industry’s Most Complete Digital Experience Management Solution
  Credence Security to Address Growing Market for GRC Solutions in Middle East Through Partnership with Rsam
  New Mimecast Archive Cloud Capability Streamlines GDPR Management for Email
  Planning and Scheduling Software–Helping Manufacturers Keep Their Customers Happy
  Farsight Security and Infoblox Provide Zero-Hour Protection Against Cyberattacks Due to New Domains
  Fujitsu Launches High-Security Biometric Authentication Solution for Active Directory IT Environments
  Rackspace Wins 2017 Red Hat Innovator of the Year Award
  ServiceNow Survey Shows 2018 as the Year of Automation for Routine Enterprise Work
  4 Tech Hacks to Faster Customer Onboarding
  New Mimecast Report Detects 400% Increase in Impersonation Attacks
Contact Us
Site Map
News RSS
Terms of Use

Developed & Managed By ROOT Technologies - Copyrights ROOT Technologies - All Rights Reserved.