Qualys Blog

www.qualys.com
Amol Sarwate

Oracle delays Java 8 to fix security issues

Oracle got it right when it delayed a brand new release of Java 8 and redirected its engineering effort to fixing security issues in the current version of Java.  It underscores the acknowledgement form Oracle about the seriousness of Java security flaws and their resolve to fix those issues. Java 8 was scheduled to be released in the September 2013 time frame with many new features, including support for programming in a multicore environment. This decision should make sure that Java 8 will not only include all security fixes of Java 7, but also will go through a thorough security testing cycle. You can find comments from Java platform group’s chief architect Mark Reinhold here.

In my opinion, the delay in release of Java 8 is worth the wait.

For an overview of recent Java 0day vulnerabilities please see our Java coverage bellow:

New 0-day for Oracle Java – Update 2

Oracle updates the Java February 2013 CPU

Oracle releases early CPU for Java 7

New Java 0-day vulnerability – Update 3

Oracle CPU October 2012 – Update

Leave a Reply