Linked by Hadrien Grasland on Thu 20th Jan 2011 21:16 UTC
Privacy, Security, Encryption "In 2010, exploited Java vulnerabilities outpaced the exploit of Adobe Reader and Acrobat," Landesman, senior security researcher at Cisco, said. "Java was 3.5 times more frequently exploited than were malicious PDFs. That really spells out the need for paying attention to what's making the headlines but also paying attention to the types of things that aren't making the headlines."
Thread beginning with comment 459255
To read all comments associated with this story, please click here.
update java
by fran on Thu 20th Jan 2011 21:53 UTC
fran
Member since:
2010-08-06

From what i can gather the problem is not that Java is insecure its because many dont update it to the current versions and ignore the update prompt screen.

Reply Score: 3

RE: update java
by Delgarde on Thu 20th Jan 2011 21:58 in reply to "update java"
Delgarde Member since:
2008-08-19

Newer versions *do* auto-update, just like Firefox or any other decent modern software.

But I imagine it's a big issue for the corporate world, who are more likely to be running ancient Java versions for support reasons. I know I just found an issue with the ancient 1.4 version one of our clients are running - it's fixed in newer versions, but they don't want to pay to get things certified.

Reply Parent Score: 3

RE[2]: update java
by Lennie on Fri 21st Jan 2011 00:10 in reply to "RE: update java"
Lennie Member since:
2007-09-22

Just disable the plugin in the browser, what webpage still uses Java-applets ? Really ?

Edited 2011-01-21 00:11 UTC

Reply Parent Score: 2

RE: update java
by Neolander on Thu 20th Jan 2011 22:07 in reply to "update java"
Neolander Member since:
2010-03-08

If only they made their update system less annoying, people would be more enclined to let it do its job...

Reply Parent Score: 1

RE[2]: update java
by Delgarde on Thu 20th Jan 2011 22:51 in reply to "RE: update java"
Delgarde Member since:
2008-08-19

And less buggy, going by the article. I've not noticed the problems they mention myself (as a Linux user, I don't use their updater), but I can see how that would be annoying.

Reply Parent Score: 2