Oracle forced to confess Java is unsafe!
The company that makes Java has been publicly shamed and forced to admit the plug-in can leave users at risk of getting malware.
The US Federal Trade Commission (FTC have ordered the California based company Oracle to display a warning about the security flaws in Java in their website.
The company has to make sure the warning stays on their site for the next two years, they also had to post a message on Twitter and Facebook linking to it.
By the company agreeing to these terms they won’t have to pay a fine for the flaws in their software.
The FTC accused Oracle of braking consumer-protection by lying about the flaws and the security of there plug-in.
Regulators have said between 2010- when Orical bought Java – and august 2014, the updates have affected only the newest version installed on PCs.
The FTC have said the updates did not remove older versions of Java, which were then left unpatched on PCs, and contained security flaws that hackers could then exploit.
The FTC said have said Oracle have “deceived” their users by not telling them older versions of Java were not being removed and what makes it worse is the company knew there was a problem back in 2011. Oracle have formally denied any wrong doing, but the ruling is a significate one because of how widely used Java is. Java is installed on an estimated 850 million computers.
Javas safety has long been a concern, back in 2013 the U.S. Department of Homeland Security warned everyone to disable or uninstall Java due to serious security flaws in the software.
Orical must publish a warning telling people if they are updating Java they can remove the old version using its ‘Uninstall Tool’.
For more information and to read the ruling of the FTC go to their blog post, titled: ‘What’s worse than stale coffee” Stale Java’