IT departments are in a tight spot with Java. The pervasive development language comes with serious security risks, yet many business apps still rely on Java to function. Java ushered in a world of write-once/run-anywhere productivity for developers. Developers need only write their application and let the client-side VM handle all of the cross-platform interoperability. For developers, either commercial or in-house, this continues to provide resounding leverage.
Where it began as a client-server environment, Java has become tightly integrated with the browser, enabling rich applications to be installed and launched by clicking a web link. This transition from client-server to Web-based was driven by the release of the browser plug-in and the “Web Start” functionality in the Java environment. This integration pushed the proliferation of Java apps, but it has also exposed corporate data to attack. Its architecture, which allows links to invoke the plug in and access resources on the user’s machine, means that an exploited Java environment can access literally any data on the machine or on your network.
SOURCE: infosecisland.com
Most Commented Posts
2020 Cybersecurity Landscape: 100+ Experts’ Predictions
Cyber Security Predictions 2021: Experts’ Responses
Experts’ Responses: Cyber Security Predictions 2023
Celebrating Data Privacy Day – 28th January 2023
Data Privacy Protection Day (Thursday 28th) – Experts Comments
Most Active Commenters
Recent Comments
“First of all, it should be praised that Ferrari have…
These findings aren’t very surprising given that unpatched zero-days provide…
These figures from Mandiant highlight how attackers are continuing to…
Just one week after the Zoll Medical data breach that…
Independent Living Systems (ILS), a Miami-based healthcare software firm providing…