Oracle may be required to warn about insecure Java versions

Oracle has misled users by stating that certain updates would fix security vulnerabilities in Java, according to an FTC complaint. A proposal has now been drawn up requiring Oracle to notify users about removing unsafe versions of Java.

Oracle took over Sun and with it Java in 2010. Since then, according to the complaint from the American FTC, it has systematically misinformed users about the security of Java. The company claimed that old, insecure versions of the program would be removed during the installation of a new version.

However, it turned out that only the previous version was removed, leaving all kinds of old versions on the system. Previously, new versions were installed alongside old versions during the installation of Java. The problem with this was that the old versions of Java contained many security flaws.

The parties have reached a preliminary agreement under which Oracle must, for two years, inform users of the deception through a notice on its website and provide information on how they can better protect themselves. The proposal, which can come into effect in thirty days, also includes a penalty of approximately EUR 14,500 per new violation. Oracle must also offer options to remove the outdated Java versions.
