The vendor will resolve its security problems and enhance its communication efforts, it was according to Milton Smith, the Oracle’s head of Java security as he assured the users of the software. Smith marked out the technology giant’s two main missions in a conference call with Java User Group pioneers.
He said that the plan for Java security is absolutely easy, the first one is to fix Java and the second is to communicate their efforts globally. They can’t really have one step without the other, there is no amount of discussing or justifying is going to make anybody satisfied or do anything for them. They have to fix Java.
Regularly some security experts have recommended the users who do not need Java to open particular websites should simply disable or uninstall the said software. Java was still prone to attacks, regardless of some attempts of Oracle, the firm behind Java considering its acquisitions of Sun Microsystems to establish its vulnerabilities, as the US Department of Homeland Security recently stated.
It was found that Java has a zero-day vulnerability that could let hackers to accidentally control users’ computers with the use of arbitrary code, it was a week surpassing the US government’s warning. Last year, it took Oracle a week to approve a fix for another zero-day execution that denoted a risk to all web browsers outfitted with the software.
As stated by security specialist Brian Krebs, last year vulnerabilities in Java software were also being sold online for five digits. The unchanging security issues with Java and what is generally felt to be a careless response of Oracle has forced to an extensive record of the software by computer security experts.
He said that they have lots of various audiences that they want to communicate with and sometimes it is difficult to obtain the message that they want to deliver. The small group that works on Java security needs to get better at communicating with their customers, the media and the IT professionals that operates data centers, the Java security head added.
REFERENCES:
http://www.computing.co.uk/ctg/news/2239467/oracle-java-security-chief-we-ll-fix-java
http://www.techinvestornews.com/Oracle/Latest-Oracle-News/oracle-java-security-chief-well-fix-java
http://zatz.com/webspherepower/2013/01/29/oracle-java-security-chief-well-fix-java/
http://jaxenter.com/we-will-fix-java-security-pledge-oracle-devs-46079.html
http://www.cio.co.uk/news/3422905/well-fix-java-and-communicate-better-oracles-java-security-head-says/