Despite significant improvements in recent months, vulnerabilities in Java continue to represent a major security risk for organizations, according to a new report by security vendor Bit9. Based on usage data collected from about a million enterprise endpoints owned by almost 400 organizations, the report attributed this to the use of outdated versions of Java.
Oracle is scheduled to release fixes for 40 security vulnerabilities in a Critical Patch Update for Java SE today.
The original September 2013 target for the release date of Java 8 is no longer possible, according to Mark Reinhold, chief architect of the Java platform group from Oracle.
Security vendor Websense believes it has uncovered the core problem behind the recent spate of high-profile attacks that exploited Java within browsers.
Fed up with the seemingly endless stream of security flaws discovered in Java? Despite efforts by Oracle to respond faster when resolving vulnerabilities that crop up on the Java platform, don't expect the problem to let up any time soon, according to security researchers and security vendors.
Oracle has finally admitted to security issues with its Java web browser plug-ins, acknowledging in a blog post late last week that users may have been "frustrated with Oracle's relative silence on the issue."
Enterprises should instead be asking themselves: Why shouldn't Java be removed?
Security administrators and IT managers probably know about the latest zero-day Java vulnerability that was widely reported on last week, as well as the subsequent patch released by Oracle that resolved one critical flaw and tweaked security permissions to make the other one harder to exploit.
Oracle's upcoming Database 12c will ship in 2013, and incorporate over 500 new features and performance improvements, said Senior Vice President Andy Mendelsohn, during a keynote address at Oracle OpenWorld. In the wake of CEO Larry Ellison's initial announcement on Sunday, Mendelsohn offered attendees a more in-depth look at the company's next major product, which is expected to make more efficient use of hardware resources.
Oracle has announced the release of MySQL 5.6 at the company's first MySQL Connect conference, which was held over the weekend. The nearly complete version of MySQL 5.6 incorporates improvements designed to make the popular open source database engine work faster, including a refactored InnoDB storage engine, better transaction and read only throughput.