Oracle settles charges that it misled you on Java security

Oracle has to not only notify you about its security risks, but help you uninstall vulnerable Java copies.


Jon Fingas
December 22nd, 2015

Oracle's Java software is known for creating its share of headaches, but security is arguably the biggest. For one thing, upgrading to the latest version of Java Standard Edition didn't always remove every old version -- up until last year, it'd leave ancient copies that exposed your PC to attack. And now, Oracle is paying the price. It's settling FTC charges that it "deceived" customers by failing to warn about the security risks behind its Java SE upgrade process. Larry Ellison and crew will have to both warn users about those risks and create tools to remove those older, more vulnerable copies.

Given that the issue was effectively tackled earlier, the FTC deal is something of a formality. Nonetheless, it could do a lot to keep both Oracle and other software developers on their toes. Ideally, they'll think twice about sloppy uninstalls that leave insecure code behind -- the FTC may not be so gentle the next time around.

