Today, my ZDNet colleague Ed Bott published a scathing investigative report of how Oracle partners with shovelware companies in order to monetize the distribution of the Java JRE. Given that I work ...

Good news: Oracle says the next major version of its Java software will no longer plug directly into the user’s Web browser. This long overdue step should cut down dramatically on the number of ...

Miscreants in the cyber underground are selling an exploit for a previously undocumented security hole in Oracle’s Java software that attackers can use to remotely seize control over systems running ...

Update January 10, 2013: A zero-day exploit is in the wild, attacking fully patched versions of Java. You can protect yourself by disabling the Java plugin from your ...

Last month, I wrote about how Microsoft told its users to update Java or kill it. This week, a new 0-day vulnerability in Sun’s software is pushing security companies to do the same, with one ...

Oracle released a security update this week that addresses 17 critical Java vulnerabilities affecting the Java Development Kit (JDK) and the Java Runtime Environment (JRE). The cross-platform Critical ...

Add articles to your saved list and come back to them anytime. Good news: Oracle says the next major version of its Java software will no longer plug directly into the user's web browser. This long ...