Java | News, how-tos, features, reviews, and videos

Oracle rushes out another Java update, fixing 50 vulnerabilities

Oracle says Java 7u13 addresses 50 flaws, many of which left systems vulnerable to remote exploits.

Major flaw in Java-based Spring Framework allows remote-code execution by attackers

There's a major flaw in the Java-based Spring Framework open-source development code that allows remote-code execution by attackers against applications built with it, according to the security firm which identified the flaw. ...

Just patch Java? Easier said than done

You'd think the seriousness of the latest Java threat would force companies to patch or turn off Java in a hurry. It's not that simple

Day after patch, Java zero-day sold to highest bidders

With exploit sold for $5,000 via cybercrime forum, experts double down on calls for consumers to uninstall the software

New Java exploit sells for $5000 on black web; possible threat to millions of PCs

Another previously unpublicized flaw in Java threatens the security of millions of PCs that may still have the application running on it.

What the latest Java flaw really means

As the firestorm around the zero-day Java flaw swirls higher, here's what you need to know -- and do -- about this extraordinary threat

Oracle releases Java fix, but security concerns remain

Oracle has released Java 7 update 11, which addresses a Zero Day flaw that enables intruders to install malware on vulnerable systems.

Java zero-day prompts calls again to disable it

With cybercriminals exploiting the vulnerability, one experts says there is no choice but to disable Java until Oracle patches

Oracle's Java security update lacking, experts say

While Java applications can now be prevented from running in browsers, one analyst said the process for applying the settings makes it 'useless'

Latest Java zero-day exploit renews calls to disable it

Oracle contributes to the problem by not working more closely with the security industry on Java defenses, one security expert said

Java inventor James Gosling building smart marine robots

James Gosling, the inventor of the Java programming language when he worked at Sun Microsystems, finds the security framework for Java he designed still stands up after all these years. In fact he's using it today to design marine...

Apple plugs Java hole, shifts away from plug-in

By turning off Java by default, Apple is making customers choose whether to take the risk in using the troubled browser software

Disclosure of Java zero-day prompted Oracle patch, says researcher

Others says negative of making exploit public outweigh positive of patch because as many as a third of Java users do not patch regularly

Second Java zero-day found: Time to disable it, say experts

Businesses that need to run Java advised to use a white list that prevents employees from visiting anything but trusted sites

In first, Apple issues Java update in sync with Oracle

Normally 'many, many months' behind, which left 650,000 Macs in lurch with Flashback infections and no fix available

Cyber spies exploiting Java, Flash flaws

Such activity is often paid for, or sanctioned by, government agencies

Why you can't dump Java (even though you want to)

So many recent exploits have used Java as their attack vector, you might conclude Java should be shown the exit

Oracle urges removal of older Java versions due to security risks

Company points users to latest Java update, with most recent features, fixes, and performance improvements

Did the Mac malware wake-up call fall on deaf ears?

Many Mac users still refuse to understand what the successful Flashback attack really means. Here's a rational response to their objections

Open source code libraries seen as rife with vulnerabilities

A study of how 31 popular open-source code libraries were downloaded over the past 12 months found that more than a third of the 1,261 versions of these libraries had a known vulnerability and about a quarter of the downloads were...

Load More
You Might Also Like