Slashdot Mirror

← Back to Stories (view on slashdot.org)

Oracle Settles FTC Charges Regarding Deceptive Java Security Updates (ftc.gov)

Posted by timothy on from the why-didn't-they-use-a-crystal-ball dept.

An anonymous reader writes: The FTC and Oracle have come to an agreement regarding Oracle's deceptive Java security updates, which only removed recent versions of vulnerable Java SE, but left behind older, insecure versions. Oracle got away without a fine, but will have to overhaul its Java update process to remove older versions as well.

2 of 33 comments (clear)

  1. Re:Yeah, right ... by crunchy_one · · Score: 4, Insightful

    So, they're going to stop shoving the Ask toolbar as part of their update process?

  2. Good, about time by mitcheli · · Score: 4, Insightful

    I noticed this a few months ago when I built a system and had it scanned for compliance and was getting hit with a several year old hole in Java. I was confused because I knew I upgraded Java on the system. Then I realized that the old version was still there. Truth be said, if I build a machine and I don't absolutely need Java on it, it doesn't get loaded. Same goes for Flash.

    --
    Select from tblFriends where interesting >= 4;