Linked by David Adams on Wed 18th May 2011 02:53 UTC, submitted by HAL2001
Privacy, Security, Encryption Microsoft published volume 10 of the its Security Intelligence Report which provides perspectives on software vulnerabilities, software vulnerability exploits, malicious and potentially unwanted software, and security breaches in both Microsoft and third party software. Microsoft found out that vulnerabilities in applications versus operating systems or web browsers continued to account for a large majority of all vulnerabilities in 2010, although the total number of application vulnerabilities declined 22.2 percent from 2009. The exploitation of Java vulnerabilities sharply increased in the second quarter of 2010 and surpassed every other exploitation category that the MMPC tracks, including generic HTML/scripting exploits, operating system exploits, and document exploits.
Thread beginning with comment 473507
To read all comments associated with this story, please click here.
Comment by sagum
by sagum on Wed 18th May 2011 05:00 UTC
sagum
Member since:
2006-01-23

"The exploitation of Java vulnerabilities sharply increased in the second quarter of 2010"

- Minecraft.

Reply Score: 2

RE: Comment by sagum
by fran on Wed 18th May 2011 14:06 in reply to "Comment by sagum"
fran Member since:
2010-08-06

One of Java's security strong points is that it runs on the JVM (Java virtual machine). It is designed and suppose to be one of the safest programming platforms.

Where lies the problem
1. Third party program vulnerabilities(Java programmers)
2. Java itself
3. Consumer not updating Java.

Reply Parent Score: 2

RE[2]: Comment by sagum
by WorknMan on Wed 18th May 2011 15:13 in reply to "RE: Comment by sagum"
WorknMan Member since:
2005-11-13

I don't run Java myself, and this is just one of the reasons why. Flash is sort of a 'necessary evil', since a lot of the web uses it. Fortunately, Java is not, at least for me. I don't run any apps that use it.

Reply Parent Score: 2

RE[2]: Comment by sagum
by Alfman on Wed 18th May 2011 19:22 in reply to "RE: Comment by sagum"
Alfman Member since:
2011-01-28

fran,

"One of Java's security strong points is that it runs on the JVM (Java virtual machine). It is designed and suppose to be one of the safest programming platforms.

Where lies the problem
1. Third party program vulnerabilities(Java programmers)
2. Java itself
3. Consumer not updating Java."


I'd like to know too. If it hadn't been killed by microsoft, java would be the ideal platform for running highly interactive/intensive apps inside (or outside) the browser on demand.

Of course, supporting such powerful apps in the browser destroys the business case for mobile walled gardens.

Java was a wonderfully innovative platform; maybe in a world not dominated by overreaching control freaks, it would have flourished.

Anyways, the report would be informative if it wasn't so annoyingly vague.

Reply Parent Score: 1