Oracle Settles FTC Charges That It Deceived Users About Java Security Updates

  /     /     /  
Publicated : 22/11/2024   Category : security


Oracle Settles FTC Charges That It Deceived Users About Java Security Updates


Oracle will have to be more forthright and communicate the truth via social media and anti-virus companies going forward.



Oracle has agreed to settle Federal Trade Commission charges that it had deceived customers. Oracle told customers that by installing an update to JavaSE it would make their machines safe and secure, despite the fact that the update often left vulnerable versions of JavaSE on the users machines.
The update only replaced the
most recent
version of JavaSE residing on the machine -- it stopped short of uninstalling any other versions also residing on the computer, and did not uninstall any versions earlier than JavaSe 6 update 10 at all. According to the FTC, Oracle knew of this shortcoming in 2011 and did not fix it until August of 2014.
Under the terms of the
proposed consent order
, according to
the FTC release
:
Oracle will be required to notify consumers during the Java SE update process if they have outdated versions of the software on their computer, notify them of the risk of having the older software, and give them the option to uninstall it. In addition, the company will be required to provide broad notice to consumers via social media and their website about the settlement and how consumers can remove older versions of the software.
The consent order will require Oracle to notify consumers on Facebook and Twitter, and also contact Avast Software, AVG Technologies, ESET North America, Avira Inc., McAfee, Symantec, Trend Micro, and Mozilla, to ensure they publish the information in their security bulletins as well.
 

Last News

▸ Senate wants changes to cybercrime law. ◂
Discovered: 23/12/2024
Category: security

▸ Car Sector Speeds Up In Security. ◂
Discovered: 23/12/2024
Category: security

▸ Making use of a homemade Android army ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Oracle Settles FTC Charges That It Deceived Users About Java Security Updates