DZone
Thanks for visiting DZone today,
Edit Profile
  • Manage Email Subscriptions
  • How to Post to DZone
  • Article Submission Guidelines
Sign Out View Profile
  • Post an Article
  • Manage My Drafts
Over 2 million developers have joined DZone.
Log In / Join
Refcards Trend Reports Events Over 2 million developers have joined DZone. Join Today! Thanks for visiting DZone today,
Edit Profile Manage Email Subscriptions Moderation Admin Console How to Post to DZone Article Submission Guidelines
View Profile
Sign Out
Refcards
Trend Reports
Events
Zones
Culture and Methodologies Agile Career Development Methodologies Team Management
Data Engineering AI/ML Big Data Data Databases IoT
Software Design and Architecture Cloud Architecture Containers Integration Microservices Performance Security
Coding Frameworks Java JavaScript Languages Tools
Testing, Deployment, and Maintenance Deployment DevOps and CI/CD Maintenance Monitoring and Observability Testing, Tools, and Frameworks
Culture and Methodologies
Agile Career Development Methodologies Team Management
Data Engineering
AI/ML Big Data Data Databases IoT
Software Design and Architecture
Cloud Architecture Containers Integration Microservices Performance Security
Coding
Frameworks Java JavaScript Languages Tools
Testing, Deployment, and Maintenance
Deployment DevOps and CI/CD Maintenance Monitoring and Observability Testing, Tools, and Frameworks
What's in store for DevOps in 2023? Hear from the experts in our "DZone 2023 Preview: DevOps Edition" on Fri, Jan 27!
Save your seat
  1. DZone
  2. Coding
  3. Java
  4. Java 7 Update 11 Released to Address Security Issues

Java 7 Update 11 Released to Address Security Issues

James Sugrue user avatar by
James Sugrue
CORE ·
Jan. 14, 13 · Interview
Like (1)
Save
Tweet
Share
10.41K Views

Join the DZone community and get the full member experience.

Join For Free

On Sunday, Oracle released Java 7 Update 11 in order to address the recent security issues that had lead Mozilla to add recent versions of Java to it's add-on blocklist.  With the latest update in place, you should be able to re-enable Java in your browser with peace of mind. 

However, according this latest article on Reuters, there may still be further security flaws:

Adam Gowdiak, a researcher with Poland's Security Explorations who has discovered several bugs in the software over the past year, said that the update from Oracle leaves unfixed several critical security flaws.

"We don't dare to tell users that it's safe to enable Java again," said Gowdia

In case you missed the news, the 0-day  exploit allows attackers to run arbitrary code on client systems through malicious web pages. The thing is that this exploit wouldn't have worked if Oracle had issued a complete fix for a insecure implementation of the Reflection API.

Let's assume that's all in the past now - what was changed in this latest update? Mainly the default security level has been changed to high, from medium, for all applets and webstart applications. This means the user is always warned before any unsigned application is run. 

One thing: if you have the standalone version JavaFX 2.x installed, you'll have issues seing the security level slider in Control Panel. To get around this just uninstall the standalone version.

This whole issue has people a bit spooked about Java in their browser. Will you go ahead and re-enable Java on your web browser? Or are you going to take the ultra-cautious approach, and wait until security analyists say that all is well with Java?

security Java (programming language)

Opinions expressed by DZone contributors are their own.

Popular on DZone

  • 7 Awesome Libraries for Java Unit and Integration Testing
  • Deploying Java Serverless Functions as AWS Lambda
  • What Is a Kubernetes CI/CD Pipeline?
  • Bye Bye, Regular Dev [Comic]

Comments

Partner Resources

X

ABOUT US

  • About DZone
  • Send feedback
  • Careers
  • Sitemap

ADVERTISE

  • Advertise with DZone

CONTRIBUTE ON DZONE

  • Article Submission Guidelines
  • Become a Contributor
  • Visit the Writers' Zone

LEGAL

  • Terms of Service
  • Privacy Policy

CONTACT US

  • 600 Park Offices Drive
  • Suite 300
  • Durham, NC 27709
  • support@dzone.com
  • +1 (919) 678-0300

Let's be friends: