Skip to main content

Oracle

Oracle: 'We Have to Fix Java'

posted onJanuary 30, 2013
by l33tdawg

Over the course of the last two years, Oracle's Java has been exploited time and again as hackers eviscerate the technology, seemingly at will.

As each exploit emerges against Java, Oracle typically responds within a short period of time with a security update, only to have the update exploited within days. While Oracle has pledged with its successive releases that it is improving Java security, the company has not publicly spoken out about the string of exploitation that has crippled confidence in Java in recent months. That is until now.

Oracle updates Java, Adam Gowdiak says it still has bugs

posted onJanuary 14, 2013
by l33tdawg

Oracle Corp released an emergency update to its widely used Java software for surfing the Web on Sunday, days after the US government urged PC users to disable the program because of a bug it said made computers vulnerable to attack by hackers.

Java security expert Adam Gowdiak, who has discovered several bugs in the software over the past year, said that the update from Oracle leaves unfixed several critical security flaws. "We don't dare to tell users that it's safe to enable Java again," said Mr Gowdiak, a researcher with Poland's Security Explorations.

Oracle taps Nokia for maps

posted onOctober 1, 2012
by l33tdawg

 Nokia and Oracle are expected to announce a deal tomorrow that will give Oracle customers access to Nokia's growing stable of data and location services.

The deal, which is due to be announced at OracleWorld conference in San Francisco, is expected to expand the reach of the Finnish handset maker's Navteq mapping services, The Wall Street Journal reported. Financial details of the arrangement were not revealed.

Oracle Confirms Newly Discovered Java Vulnerability

posted onSeptember 11, 2012
by l33tdawg

Adam Gowdiak, the CEO of Security Explorations – the company that discovered the recent Java vulnerabilities -, told Softpedia that Oracle confirmed the existence of the second flaw, reported on August 31, 2012.

“Oracle confirmed the security issue reported to them on Aug 31, the one that affects the out-of-band patch released on Aug 30. This is visible at our vendor status page,” Gowdiak wrote in an email.

Adam Gowdiak: Oracle knew about Java vulnerabilities for months

posted onAugust 30, 2012
by l33tdawg

Oracle knew since April about the existence of the two unpatched Java 7 vulnerabilities that are currently being exploited in malware attacks, according to Adam Gowdiak, the founder and CEO of Polish security firm Security Explorations.

Security Explorations reported 19 Java 7 security issues to Oracle on Apr. 2. Those issues included the two zero-day -- unpatched -- vulnerabilities that attackers are exploiting to infect computers with malware, Gowdiak said Wednesday via email.

Oracle releases Java SE 7 update 6, bringing first-class support to OS X

posted onAugust 14, 2012
by l33tdawg

Oracle announced on Tuesday that it will start offering direct downloads and auto-updates to Java on OS X beginning with the release of Java Standard Edition 7 Update 6. Users can download the Java Runtime Environment (JRE) directly from Oracle's java.com website "soon," according to Oracle, and will receive auto-updates at the same time as Windows, Linux, and Solaris platforms.

SAP to pay $306M to Oracle after infringement fight

posted onAugust 3, 2012
by l33tdawg

Oracle has won at least one legal battle this week. SAP is paying the hardware giant $306 million in damages resulting from a copyright infringement suit.

Unlike the fight against Google, it looks like victory over SAP really is a payday. SAP's bill to Oracle continues to get bigger as Oracle's general counsel Dorian Daley said in a statement that SAP will have to pay "a minimum of $426 million, including attorneys’ fees."