back to article Java update tackles multiple critical flaws

Oracle has released a cross-platform update for Java that addresses 17 vulnerabilities in the ubiquitous software platform. All 17 vulnerabilities might be abused to inject code into vulnerable systems, and all but one affect how Java Runtime Environment client software runs in browsers. Java 6 update 26 for Windows, Linux …

COMMENTS

This topic is closed for new posts.
  1. Anonymous Coward
    Anonymous Coward

    Let's face it

    Java, Adobe Reader, Adobe Flash are all ubiquitous and are good choices for attack vectors. Even easier than Windows as they tend not to get updated.

  2. Anonymous Coward
    Anonymous Coward

    Does anyone actually use Java in a browser any more?

    Indeed, if you're not a developer or use Java in an office intranet, why would you have it installed at all - its just one more, quite impressive, source of attack vectors to your computer and network?

    1. Paul Crawford Silver badge
      Unhappy

      @Does anyone...

      ...actually use Java in a browser any more?

      Sadly yes, for some crappy web sites that either don't work, or are a major pain otherwise. Examples include:

      Facebook's photo uploader, either hand selecting 5 images at a time, or allowing them to access your machine via a Java thing to allow all files in a directory, etc, to be selected. No way on my PC!

      One of the genealogy web sites my father uses is so crap a design that your choice is to use IE & ActiveX enabled, or a Java viewer (which, last time I looked at his PC, is also out of date and leaves an ever-increasing tree of cache directories):

      http://www.scotlandspeople.gov.uk/Content/FAQs/Questions/index.aspx?206

      The Devil & deep blue sea as far as security is concerned! For him I set up Linux & Java as the least-worst option for this.

  3. Tchou
    Megaphone

    Java is

    doomed, so are all those bloated managed crap.

    1. Tchou
      Holmes

      I guess thumbs down

      are the best proofs some people swallowed the Java propaganda.

      : )

  4. nyelvmark
    Thumb Up

    Thanks

    This PC has always had the Java VM running on it, and I'd always assumed that something-or-other other used it. From this article and from remarks here and elsewhere, I can see that it isn't, so I just uninstalled it. Hopefully it will improve my boot time a tad, too.

    One of the voices in my head said "we might want to develop something in Java one day", but the other voices all just looked at it, until it said "I'll get my coat".

    1. Ilgaz

      You can't develop java with it

      You need JDK and even if you install it, there is a little (almost no) need to enable java applets in browsers.

      Vm isn't the problem, browser applets automatic running is the problem.

      Also you won't get a speed up on booting if you remove java, it isn't resident except 700KB java update checker. They should have used windows built in scheduling like Apple software update btw.

      Successful, secure apps are always "real" stuff,for example Vuze, not java applets. Applets have very stupid restrictions anyway.

      1. Kubla Cant Silver badge

        Successful, secure apps are not Java applets?

        Tell that to Thomson Reuters, who have several successful (i.e. popular and profitable), secure applications for trading FX and other instruments, all delivered as Java applets and Java Web Start. The users are tier 3 institutions, rather than full-time traders, because the Internet introduces latencies that are unacceptable for the latter, but they still trade billions of dollars.

        Before working on these applications I too thought applets were just annoying gadgets embedded in web pages. To my surprise I discovered that an applet can be a good way to deliver a large, complex application to the desktop. No need for distribution media or download instructions. No requirement to get authorisation for a desktop installation - in companies that have outsourced their IT infrastructure this can take months.

        This is something I wish I'd known before I spent a year rewriting a Java Swing program as a web application.

  5. Anonymous Coward
    IT Angle

    Just installed java

    and there is no difference in browsing the net. Maybe it is slightly faster to open a new browser window. But no error messages or anything.

    Why was it installed at all, and who had installed it?

    Icon: not because of the angle, but because of the question mark

This topic is closed for new posts.

Biting the hand that feeds IT © 1998–2019