large image

Trusted Reviews is supported by its audience. If you purchase through links on our site, we may earn a commission. Learn more.

Malware alert over Java plug-in

Users of the Java plug-in could be exposed to malware due to a flaw in the software’s update tool.

Oracle, distirbutor of the software which allows computers to run programmes written in the Java language, agreed to issue an alert on social media and its own site.

The decision follows an investigation by the US Federal Trade Commission (FTC) which, in a complaint to the company, claims that Oracle was aware of security issues in the Java SE plug-in when it bought Sun, the creator of the software, in 2010.

According to the FTC, Orcale assured users that installing updates would ensure their PCs would be safe, even though a risk remained.

Related: Best Android Apps

It said that users were exposed to craft malware which could allow hackers to acquire sensitive customer information such as usernames and passwords for financial accounts.

The original update process did not delete previous versions of the software and Oracle’s initial attempts to address the issue only removed the most recent prior version of Java.

This meant that hackers could still exploit weaknesses in older versions of the software which remained installed on user’s PCs.

The FTC claims that Java is installed on more than 850 million computers, and users who have yet to install the latest versions could still be at risk.

The company will not be fined as a result of agreeing to issue the warning.

Why trust our journalism?

Founded in 2004, Trusted Reviews exists to give our readers thorough, unbiased and independent advice on what to buy.

Today, we have millions of users a month from around the world, and assess more than 1,000 products a year.

author icon

Editorial independence

Editorial independence means being able to give an unbiased verdict about a product or company, with the avoidance of conflicts of interest. To ensure this is possible, every member of the editorial staff follows a clear code of conduct.

author icon

Professional conduct

We also expect our journalists to follow clear ethical standards in their work. Our staff members must strive for honesty and accuracy in everything they do. We follow the IPSO Editors’ code of practice to underpin these standards.