Java 7 Update 10 allows users to restrict the use of Java in browsers

Java users can now block Web-based Java content completely or enforce strict restrictions for it

By Lucian Constantin, IDG News Service |  Endpoint Security, java, Java 7

However, not everyone agrees that companies should migrate to Java 7. Adam Gowdiak, the founder of Security Explorations, a Polish security company with a strong focus on Java vulnerability research, believes that from the prospect of vulnerabilities being found in the code, migrating to Java 7 represents a higher risk than continuing to use Java 6.

"Our research proved that Java 7 was far more insecure that its predecessor version," Gowdiak said via email. "There were also many indications that certain new features introduced into Java 7 such as the new Reflection API didn't run through any security review."

"We are not surprised that corporations are resistant when it comes to the upgrade to Java 7," Gowdiak said. "The number of security bugs we found in Java 7 speaks for itself."

Because of this, Oracle should extend the public support period for Java 6, he said.

According to Oracle's support roadmap for Java, the company will stop issuing public updates for Java 6 after February 2013. Companies interested in receiving Java 6 security advisories, patches and bug fixes, after that date will have to sign up for a commercial extended support service.

Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Answers - Powered by ITworld

ITworld Answers helps you solve problems and share expertise. Ask a question or take a crack at answering the new questions below.

Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Ask a Question
randomness