Content deleted Content added
Line 174:
Oracle's JRE is installed on a large number of computers. End users with an out-of-date version of JRE therefore are vulnerable to many known attacks. This led to the widely shared belief that Java is inherently insecure.<ref>{{cite web|author= |url=http://lifehacker.com/5988800/what-is-java-is-it-insecure-and-should-i-use-it |title=What Is Java, Is It Insecure, and Should I Use It? |publisher=Lifehacker.com |date=2013-01-14 |accessdate=2015-06-26}}</ref> Since Java 1.7, Oracle's JRE for Windows includes automatic update functionality.
Before the discontinuation of the Java browser plug-in, any web page might have potentially run a Java applet, which provided an easily accessible [[attack surface]] to malicious web sites. In 2013 Kaspersky Labs reported that the Java plug-in was the method of choice for computer criminals. Java exploits are included in many exploit packs that hackers deploy onto hacked web sites.<ref>{{cite web|url=https://www.kaspersky.com/about/news/virus/2013/is_there_any_protection_against_java_exploits |archive-url=https://web.archive.org/web/20150404000409/https://www.kaspersky.com/about/news/virus/2013/is_there_any_protection_against_java_exploits |url-status=dead |archive-date=2015-04-04 |title=Is there any protection against Java exploits? | Kaspersky Lab |publisher=Kaspersky.com |date=2013-09-09 |accessdate=2015-06-26}}</ref> Java
==See also==
| |||