Author Topic: Oracle Settles FTC Charges That It Deceived Users About Java Security Updates  (Read 858 times)

Offline Jasper The Rasper

  • Administrator
  • Jr. Member
  • *****
  • Posts: 76
    • View Profile
Quote
12/21/2015 Dark Reading Staff

Oracle will have to be more forthright and communicate the truth via social media and anti-virus companies going forward.

Oracle has agreed to settle Federal Trade Commission charges that it had deceived customers. Oracle told customers that by installing an update to JavaSE it would make their machines "safe and secure," despite the fact that the update often left vulnerable versions of JavaSE on the users' machines.

The update only replaced the most recent version of JavaSE residing on the machine -- it stopped short of uninstalling any other versions also residing on the computer, and did not uninstall any versions earlier than JavaSe 6 update 10 at all. According to the FTC, Oracle knew of this shortcoming in 2011 and did not fix it until August of 2014.

http://www.darkreading.com/vulnerabilities---threats/oracle-settles-ftc-charges-that-it-deceived-users-about-java-security-updates/d/d-id/1323643