Oracle JRE 8 nfig file must contain proper keys and values.
Applet sources considered trusted can have their. Even for signed applets, there can be many sources, some of which may be purveyors of malware. Java applets exist both signed and unsigned. Oracle JRE 8 must lock the dialog enabling users to grant permissions to execute signed content from an untrusted authority. The deployment.properties file is used for specifying keys for the Java Runtime. Oracle JRE 8 must have a deployment.properties file present.īy default no deployment.properties file exists thus, no system-wide deployment exists.
Java 8 jre software#
Using only authorized software decreases risk by limiting the number of. Utilizing a whitelist provides a configuration management method for allowing the execution of only authorized software. Oracle JRE 8 must enable the option to use an accepted sites list. Oracle JRE 8 must prevent the download of prohibited mobile code.ĭecisions regarding the employment of mobile code within organizational information systems are based on the potential for the code to cause damage to the system if used maliciously. Whitelisting, blacklisting, and signing of applications help. Denying these applications could be detrimental to the user experience.
Java Web Start (JWS) applications are the most commonly used. Oracle JRE 8 must be set to allow Java Web Start (JWS) applications. Running an older version of the JRE can introduce security vulnerabilities to the system. Oracle JRE 8 is being continually updated by the vendor in order to address identified security vulnerabilities. The version of Oracle JRE 8 running on the system must be the most current available. Findings (MAC III - Administrative Sensitive) Finding ID
0 kommentar(er)
