New Java 7 features improve security

Ron Condon

Oracle has officially released Java 7, the first major update to the software platform in five years, to include some security updates and several new features.

The new Java 7 features

    Requires Free Membership to View

include the use of elliptic curve cryptography and the option to switch off weaker encryption schemes. The Java 7 security enhancements also include improvements to Java Secure Socket Extension and TLS communications, which can prevent some potential attacks.

Oracle says the new Java 7 version coexists with the latest Java 6 Update 27 version and is available for download. Oracle still makes use of different installers for the 32 and 64-bit versions for all operating systems (Linux, Solaris & Windows).

Writing on the SANS security blog, researcher Raul Siles warned users to disable Java v6.

“From a security perspective, if Java 7 is installed (using Windows as the sample platform) on a system that already has Java 6 installed, both versions will remain, so if you only want to run the latest version, ensure you uninstall any previous versions (as we had to do in the past but with the same major release) and do not leave vulnerable Java 6 releases around,” he said. “Considering Java is one of the most targeted pieces of client software today, be ready for future updates on both, Java 6 and Java 7 in your IT environments (perhaps Java 6u28 and Java 7u1), and plan in advance  on how to manage them.”


There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: