Threat Post

Custom Google App Engine Tweak Still Leads to Java Sandbox Escapes

Researchers at Security Explorations say a change implemented by Google to the Java security model as its implemented in the Google App Engine leads to sandbox escapes. A tweak carried out by Google ...
Threat Post

Oracle Addresses Java’s Symptoms, But Doesn’t Cure Sickness

Security experts are lukewarm on Oracle’s security plans for the Java browser plug-in, largely because they don’t address code innate to the platform’s security sandbox which has been bypassed in a ...
Infosecurity-magazine.com

Java security settings can be ignored by malware

Researcher Adam Gowdiak, founder and CEO of Security Explorations, has revealed that the security settings in the current version of Java can simply be ignored. The Java Control Panel has a slider ...
InfoWorld

Why fixing the Java flaw will take so long

The vulnerability patched by Oracle resides in a version of Java 7 designed to extend Web browsers. The defect made it possible for a malicious Java applet on a Web page to execute arbitrary code on ...
TechRepublic

Work with Java Web Start beyond the sandbox

Java Web Start can make deploying Java apps a breeze, but it may prevent those apps from accessing needed resources. Find out how to use Java Network Launching Protocol and application signing to ...