7 steps to securing Java

FREE

Become An Insider

Sign up now and get free access to hundreds of Insider articles, guides, reviews, interviews, blogs, and other premium content from the best tech brands on the Internet: CIO, CSO, Computerworld, InfoWorld, IT World and Network World Learn more.

Follow this guide to help mitigate Java-based attacks on your organization

Java, the popular OS-independent platform and programming language, runs on just about every kind of electronic device imaginable, including computers, cell phones, printers, TVs, DVDs, home security systems, automated teller machines, navigation systems, games and medical devices.

In response to successful Java-based exploits against companies like Twitter, Facebook, Apple and Microsoft, and continued concern over "zero-day" security flaws that could allow an attacker to remotely execute malicious code that could compromise vulnerable systems., the U.S. Department of Homeland Security's Computer Emergency Readiness Team (CERT) has issued multiple security advisories concerning Java.

In the advisories issued to date, DHS recommends disabling Java in web browsers. In response, Oracle, which took over Java when it bought Sun, has released a number of patches, some out-of-band (earlier than scheduled), and in a recent patch made changes to how Java applets are handled within web browsers.  

In general, warnings potential security threats are nothing new and most network security managers consider them to be part of the daily IT landscape. The usual solution is to patch systems with vendor-supplied updates and follow vendor recommendations for best practices. However in this case, the advice to disable or uninstall the product, issued not by the vendor, but instead by governmental authorities and other third parties, creates an unusual set of challenges for organizations.

To continue reading, please begin the free registration process or sign in to your Insider account by entering your email address:
From CIO: 8 Free Online Courses to Grow Your Tech Skills
Join the discussion
Be the first to comment on this article. Our Commenting Policies