Following Oracle’s announcement regarding Java Plugins, Tod Beardsley, security engineering manager, Rapid7 have the following comments on it.
[su_note note_color=”#ffffcc” text_color=”#00000″]Tod Beardsley, Security Engineering Manager, at Rapid7 :
“Companies are urged to take Oracle’s announcement seriously and start efforts to transition to Java Web Start (a plugin-free Java technology), or other alternative, sooner rather than later. Just like when Microsoft stopped support for Windows XP, we can’t expect that the end of support for Java plugins will instantly eradicate the applications that rely on it. While Java plugins have fallen out of favour on the general, public Internet, there are still plenty of internal networks that need Java plugins to run their internal applications.
Of course, we cannot expect Oracle to support Java plugins forever, but the transition period between Oracle’s announced deprecation schedule and the actual re-engineering work that companies will have to complete to use an alternative may be challenging, potentially including newly discovered vulnerabilities. Organisations working through this transition should be extra vigilant, as anyone currently sitting on an undisclosed vulnerability for this technology will be motivated to use it now — before the majority of companies have switched over.”[/su_note]
[su_box title=”About Rapid7″ style=”noise” box_color=”#336588″]