This post originated from an RSS feed registered with Java Buzz
by News Manager.
Original Post: The Future Security of Java
Feed Title: Focus on Java
Feed URL: http://z.about.com/6/g/java/b/index.xml
Feed Description: java.about.com's Focus on Java
<p>On Oracle's Software Security Assurance Blog, Nandini Ramani, Vice President of Java Client Development, has outlined how <a href="http://clk.about.com/?zi=1/1hc&zu=https://blogs.oracle.com/security/entry/maintaining_the_security_worthiness_of">Oracle is addressing security concerns about Java</a>. </p>
<p>From October 2013, the security releases for Java will follow the <a href="http://clk.about.com/?zi=1/1hc&zu=http://www.oracle.com/technetwork/topics/security/alerts-086861.html">Oracle Critical Patch Update schedule</a>. That's four security releases every year. (The currently scheduled dates for Java SE Critical Patch updates are 18 June 2013, 15 October 2013, 14 January 2014 and 15 April 2014). </p>
<p>Oracle has already taken steps to enhance security and give users more control with:</p>
<ul>
<li>enhanced security warnings when executing applets</li>
<li>tighter security privileges for signed applets</li>
<li>discouraging the use of unsigned or self-signed applets</li>
<li>a new Java distribution called Server JRE for Java running on servers. It does not include the Java plug-in or auto-update. In the future it might not include libraries which are unnecessary for server use. </li>
</ul>
<p>In addition, the Security Alert Program should see faster releases of unscheduled security fixes for severe vulnerabilities. </p>