Don't-Miss Stories

Oracle adds long-awaited whitelisting capabilities to Java

Oracle added a feature in Java that lets companies control what specific Java applets are allowed to run on their endpoint computers, which could help them better manage Java security risks.

HSA targets native parallel execution in Java virtual machines by 2015

Industry consortium HSA Foundation intends to bring native support for parallel acceleration in Java virtual machines, which would make it easier to tap into multiple processors like graphics processors to speed up code execution.

Hackers targeting servers running Apache Struts applications, researchers say

Chinese hackers are using an automated tool to exploit known vulnerabilities in Apache Struts, in order to install backdoors on servers hosting applications developed with the framework.

java

Microsoft to offer Java as a service

Adding to a growing portfolio of enterprise software it offers as hosted services, Microsoft plans to add Java to its Windows Azure cloud service.

Don't Ask! Avoid unwanted toolbar offered in pushy Java installations

As it turns out, constant security holes aren't the only aggravation that comes with using Java, according to a new report.

Oracle and ARM to tweak Java

Oracle and ARM are working together to make the Java programming language more suitable for ARM processors, in order to encourage its use for embedded systems and enterprise software.

malware

New vulnerability in Java 7 opens door to 10-year-old attack, researchers say

A new vulnerability in Java 7 could allow attackers to bypass the software's security sandbox and execute arbitrary code on the underlying system.

Most business networks riddled with vulnerable Java installations, report says

Despite the significant Java security improvements made by Oracle during the past six months, Java vulnerabilities continue to represent a major security risk for organizations because most of them have outdated versions of the software installed on their systems, according to a report by security firm Bit9.

Massive Java update won’t get Oracle out of attacker’s crosshairs

Oracle fixed a number of critical security flaws in Java with the latest update, but it's still too slow to patch and attackers will continue to take advantage.

Java update patches 40 security issues

Oracle addressed 40 security issues in Java and enabled online certificate revocation checking by default in its scheduled critical patch update for Java on Tuesday.