important goal is finding ways to remove old and unsecure Java
versions from circulation. Oracle recommends that Java users keep
their JRE installations up to date with the latest security baseline
through the Java Auto Update feature. Microsoft Windows users
have long been able to improve the security of their computer by
checking for old versions of Java and removing them using the Java
Uninstall Tool.
On August 6th, Fred Pullen and Jasika Bawa from Microsoft announced, on the Internet Explorer Team Blog, that Internet Explorer will
soon block out-of-date ActiveX controls. On August 10th, Microsoft
updated their their blog with more technical information,
timelines and pointers to more resources for developers and
sysadmins.
This Internet Explorer feature will provide Internet Explorer
users with notifications when web pages try to load out-of-date
Active X controls, like Java ActiveX controls provided by a JRE
below the security baseline [1]. Additional documentation and
information and how to configure and manage this new Internet
Explorer feature are provided by Microsoft.
At Oracle, maintaining the security-worthiness of Java is our
priority. As in this case with Microsoft, we continue to work
together with our partners to keep Java users up-to-date and
secure across different browsers and operating systems.
Enterprises that need to keep an older JRE around for legacy
applications should still use a current JRE installed along the
older JRE and leverage the Deployment Rule Set Functionality to
limit access to the older JRE to well-known applications.
– Don