Good news: Oracle says the next major version of its Java software will no longer plug directly into the user’s Web browser. This long overdue step should cut down dramatically on the number of ...

Oracle says that starting with April 18, 2017, Java (JRE) will treat all JAR files signed with the MD5 algorithm as unsigned, meaning they'll be considered insecure and blocked from running. Oracle ...

Oracle has finally announced its intent to nail the coffin shut on its Java browser plugin. It’s the end of an era. Oracle has announced its intent to nail the coffin shut on the Java browser plugin.

Oracle will retire the Java browser plug-in, frequently the target of Web-based exploits, about a year from now. Remnants, however, will likely linger long after that. “Oracle plans to deprecate the ...

Starting in April, Oracle will treat JAR files signed with the MD5 hashing algorithm as if they were unsigned, which means modern releases of the Java Runtime Environment (JRE) will block those JAR ...

Today, my ZDNet colleague Ed Bott published a scathing investigative report of how Oracle partners with shovelware companies in order to monetize the distribution of the Java JRE. Given that I work ...

While most of the fixes for Java, Database, and MySQL are run-of-the-mill, four are rated critical if the targeted user has administrator privileges Oracle issued a gargantuan quarterly patch update ...

Researchers from the Polish firm Security Explorations have identified a serious vulnerability in the latest version of Java that completely bypasses the new security level Oracle recently introduced ...