dcsimg
September 25, 2018
Hot Topics:

Report: Java Security Risk Declines

  • January 21, 2015
  • By Developer.com Staff

Back in 2013, Cisco researchers tracked 54 new Java vulnerabilities, but in 2014, only 19 new Java vulnerabilities popped up, according to the company's 2014 Annual Security Report. "There are still old Java exploits floating around, but the Java Virtual Machine (JVM) is continually being updated," said Martin Roesch from Cisco. "I suspect that many Java attacks are against the JVM, and the JVM quality is just getting better with better security."

Roesch added that the Heartbleed vulnerability in SSL continues to be a problem. "Heartbleed was huge, yet 56 percent of OpenSSL versions that we see still have the vulnerability in them," he said. "The most startling thing to me is that people know these vulnerabilities are out there and yet they have no process or discipline in getting them updated."

View article






Comment and Contribute

 


(Maximum characters: 1200). You have characters left.

 

 


Enterprise Development Update

Don't miss an article. Subscribe to our newsletter below.

By submitting your information, you agree that developer.com may send you developer offers via email, phone and text message, as well as email offers about other products and services that developer believes may be of interest to you. developer will process your information in accordance with the Quinstreet Privacy Policy.

Sitemap

Thanks for your registration, follow us on our social networks to keep up-to-date