NEWS - January 28, 2013
by Carol~ - 1/28/13 11:09 AM
Oracle's Java Chief Promises to "Fix" Java
Oracle pledged to fix the issues in Java and to improve how it communicates with users.
The database giant will "get Java fixed up" to improve security, Milton Smith, Java security lead at Oracle, said during a conference call with Java User Group leaders last week. The conference call came a few weeks after researchers uncovered various attacks exploiting serious vulnerabilities in Java. Even after the company rushed out an emergency update to patch the flaws, researchers found additional bugs.
"No amount of talking or smoothing over is going to make anybody happy. We have to fix Java," Smith said on the call.
Security experts have long advised users who don't regularly access Websites go ahead and disable Java in their Web browsers. The Department of Homeland Security's Computer Emergency Response Team reiterated the recommendation earlier this month. "This and previous Java vulnerabilities have been widely targeted by attackers, and new Java vulnerabilities are likely to be discovered," according to the CERT advisory. "To defend against this and future Java vulnerabilities, consider disabling Java in Web browsers until adequate updates are available," CERT wrote.
Continued : http://www.pcmag.com/article2/0,2817,2414751,00.asp
Also: Java fix and better communication needed, says Oracle's Java security head