More
    Security

    Oracle Beefs up Security in New Java 7 Update

    By Paul Mah

    Oracle earlier this week released Java 7 Update 10 that adds new configuration options, which should serve to significantly beef up Web browser security. The key improvement here revolves around the ability to disallow Java applications from running in a Web browser, which can now be configured from a central location within the Java Control Panel.

    Often considered to be the most security plagued plug-in, the Java runtime is heavily targeted by hackers in order to gain a foothold into computers via the Web browser. Indeed, it is for this reason that security experts typically encourage users to disable Java from running in the browser, or even to uninstall Java entirely where tenable.

    Unfortunately, preventing Java from running within browsers had to be done browser by browser in the past, which is a time-consuming affair that is prone to errors. Moreover, it is also not unheard of for a new Java update to inadvertently re-enable Java applications in browsers.

    The latest changes in Java 7 Update 10 mean that SMBs can quickly and easily disable the running of Java applications within browsers by deselecting the “enable Java content in the browser” checkbox — and have the new configuration applied across all installed browsers. In addition, a mechanism will also let users know when their Java installation is out of date, and prompts them to update.

    Finally, the new Java Control Panel also offers the option of defining a security level, which will determine how the Java runtime will treat trusted and untrusted Java applets. The default is pegged at “medium,” which will allow untrusted applets without user confirmation — though not if the Java installation is determined to be “out of date.” Setting it to “high” will force user confirmation prior to running untrusted applets, while “very high” results in a prompt for every Java applet — whether signed or not.

    In related news, Oracle has also announced that it will end Java 6 security support after February 2013, though Oracle Technology Network and business users will still be able to access support.

    Previous article
    Operation: End of the World Survival
    Next article
    A Lighter Look at Life in IT
    Paul Mah
    Paul Mah

    Get the Free Newsletter!

    Subscribe to Daily Tech Insider for top news, trends, and analysis.

    Latest Articles

    The go-to resource for IT professionals from all corners of the tech world looking for cutting edge technology solutions that solve their unique business challenges. We aim to help these professionals grow their knowledge base and authority in their field with the top news and trends in the technology space.

    Advertisers

    Advertise with TechnologyAdvice on IT Business Edge and our other IT-focused platforms.

    Advertise with Us

    Menu

    Our Brands

    Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.