Security Management Strategies for the CIOOracle has officially released Java 7, the first major update to the software platform in five years, to include some security updates and several new features.
The new Java 7 features include the use of elliptic curve cryptography and the option to switch off weaker encryption schemes. The Java 7 security enhancements also include improvements to Java Secure Socket Extension and TLS communications, which can prevent some potential attacks.
Oracle says the new Java 7 version coexists with the latest Java 6 Update 27 version and is available for download. Oracle still makes use of different installers for the 32 and 64-bit versions for all operating systems (Linux, Solaris & Windows).
Writing on the SANS security blog, researcher Raul Siles warned users to disable Java v6.
“From a security perspective, if Java 7 is installed (using Windows as the sample platform) on a system that already has Java 6 installed, both versions will remain, so if you only want to run the latest version, ensure you uninstall any previous versions (as we had to do in the past but with the same major release) and do not leave vulnerable Java 6 releases around,” he said. “Considering Java is one of the most targeted pieces of client
Requires Free Membership to View
SearchSecurity.com members gain immediate and unlimited access to breaking industry news, virus alerts, new hacker threats, highly focused security newsletters, and more -- all at no cost. Join me on SearchSecurity.com today!
Michael S. Mimoso, Editorial Director
software today, be ready for
future updates on both, Java 6 and Java 7 in your IT environments (perhaps Java 6u28 and Java
7u1), and plan in advance on how to manage them.”
Join the conversationComment
Share
Comments
Results
Contribute to the conversation