Linked by Hadrien Grasland on Thu 20th Jan 2011 21:16 UTC
Privacy, Security, Encryption "In 2010, exploited Java vulnerabilities outpaced the exploit of Adobe Reader and Acrobat," Landesman, senior security researcher at Cisco, said. "Java was 3.5 times more frequently exploited than were malicious PDFs. That really spells out the need for paying attention to what's making the headlines but also paying attention to the types of things that aren't making the headlines."
Permalink for comment 459289
To read all comments associated with this story, please click here.
RE[4]: update java
by Subcomputer on Fri 21st Jan 2011 05:31 UTC in reply to "RE[3]: update java"
Subcomputer
Member since:
2011-01-21

It is more secure in a VM, but the problem here is that the VM itself (or at least older versions) is insecure.

As far as updating, one of the reasons that there are so many old, insecure JVMs out in the wild is the pure ridiculous number of corporate apps that somehow flat out refuse to run on anything but the version they were created with, which often end up being 1.5.

Reply Parent Score: 1