The Oracle Java Development Kit 7 Update 10 (JDK 7u10) release provides new updating and control capabilities that go beyond what Java users have enjoyed in the past.
Among the new security features in JDK 7u10 is the ability to restrict any Java application from running in a browser. There is also now an alerting mechanism to let users know when their Java installation is out of date. Going a step beyond that, Oracle is now including a “best before” date for every Java installation.
Oracle’s Java 7u10 doesn’t impress Andrew Storms, director of security operations for nCircle, all that much either. Storms told eSecurityPlanet that while the Java 7u10 includes a number of new features designed to bolster security, Oracle still has a long way to go to improve Java security.
“When I make a list of software people should uninstall, Java is always near the top,” Storms said. “Oracle has done a lousy job addressing Java security throughout 2012 and there’s no reason to expect they will change their approach in 2013.”
Read the full story at eSecurity Planet:
Oracle Updates Java 7 Security, but Is It Enough?
Sean Michael Kerner is a senior editor at InternetNews.com, the news service of the IT Business Edge Network, the network for technology professionals Follow him on Twitter @TechJournalist.