Java - The Most Valunerable Browser Plugin

Bookmark and Share
Adobe’s Flash media plug-in for Web browsers doesn’t exactly have a stellar security record, requiring several urgent security updates to squelch zero-day exploits. However, computer security experts are now calling attention to Java, noting that many Internet users are running browsers with outdated Java implementations that contain serious security holes of their own. In a session at this year's RSA Conference in San Francisco, Qualys CEO Walfgang Kandek unveiled data that showed that of over 200,000 browsers that visited his company’s BrowserCheck security service between July 2010 and January 2011, some 42 percent were running out-of-date Java plug-ins with known vulnerabilities. The number of people running out of date Flash plug-ins stood at 24 percent. In between came Adobe Reader at 32 percent, followed by Apple QuickTime at 25 percent. 

The figures come just as Oracle has released an update to Java which patches some 21 vulnerabilities, 8 of which are considered extremely critical and some 19 of which could be exploited over a networking without valid login credentials. Oracle also issued multiple updates to Java throughout 2010 to address vulnerabilities.