Linked by lucas_maximus on Mon 5th Dec 2011 17:23 UTC
Java Patch up warmly this winter if you're running Java. That's the advice from .NET shop Microsoft, which reckons Oracle's platform is the single biggest target for hackers. Java proved the single most popular target in the 12-month period to the end of June, according to Microsoft's latest Security Intelligence Report has found here Running Java as a Web-browser Plugin is much more dangerous than Flash, and should disable the Java Applet Plugin.
Thread beginning with comment 499023
To read all comments associated with this story, please click here.
ramasubbu_sk
Member since:
2007-04-05

Oracle can work with Microsoft and pushes the update to Windows Platform via Windows Update. I think, that would help IT Operations team a lot.

I don't know who feasible is this!

Reply Score: 2

CapEnt Member since:
2005-12-18

I think that Windows Market will partially solve this on Win8, at least.

But what Microsoft needs urgently (but will never do it) is to create a way to incorporate the concept of user maintained, centralized versioned repositories, like Linux has for ages.

Reply Parent Score: 6

bannor99 Member since:
2005-09-15

Very good point. It's long overdue for Windows. And having to manually remove every piece of software instead of being able to do it as a batch job is a real pain.

Reply Parent Score: 4

robojerk Member since:
2006-01-10

But what Microsoft needs urgently (but will never do it) is to create a way to incorporate the concept of user maintained, centralized versioned repositories, like Linux has for ages.

"Technically" you can use WSUS with System Center Updates Publisher to provide vendor based repositories. So far only Adobe (Flash, Reader, Acrobat), Oracle (JRE), and Dell (Drivers, tools, etc, etc) have active repositories I believe, and only with the latest versions of their software.

Edited 2011-12-05 21:12 UTC

Reply Parent Score: 3

lucas_maximus Member since:
2009-08-18

TBH the real solution is not to have a plugin installed to your web browser in the first place. There really isn't a need for most users to have the plugin enabled.

Also this isn't just a problem with Windows ... it is a problem with any OS that has the Java plugin installed on a web-browser ... MacOSX had similar problems a couple of years ago, and FireFox disables by default older Java plugins.

http://krebsonsecurity.com/2010/04/mozilla-disables-insecure-java-p...

I have only seen it used on things like Oracle Forms and some other bespoke internal application and some older websites.

Reply Parent Score: 2