Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Vulnerabilities

Security Updates for Java 7 Will Work on Windows XP: Oracle

Oracle has clarified that future security patches for Java 7 will still work on Windows XP, but pointed out that it can no longer provide “complete guarantees” for the software because the operating systems is no longer supported by Microsoft.

Oracle has clarified that future security patches for Java 7 will still work on Windows XP, but pointed out that it can no longer provide “complete guarantees” for the software because the operating systems is no longer supported by Microsoft.

Microsoft officially stopped providing technical support and security updates for Windows XP on April 8 and it has been trying to convince customers ever since to migrate to a current supported operating system to ensure that their computers are protected against cyber threats.

In an FAQ published on the Java website at the beginning of July, Oracle informed customers that they can continue to use Java 7 updates on Windows XP at their own risk, but noted that support will only be provided for Windows Vista or later. The company also revealed that Windows XP users will be unable to install Java 8 on their systems.

Many rushed to conclude that Java will no longer work on Windows XP and that users will not be able to update their installations. However, in a blog post published on Friday, Henrik Stahl, the vice president of product management at Oracle’s Java Platform Group, explained that the rumors are untrue and urged users not to believe everything they read on the Internet.

“We expect all versions of Java that were supported prior to the Microsoft de-support announcement to continue to work on Windows XP for the foreseeable future. In particular, we expect that JDK 7 will continue to work on Windows XP. Security updates issued by Oracle will continue to be pushed out to Windows XP desktops,” Stahl said.

According to Oracle, users will continue to receive automatic updates for Java 7 on Windows XP at least until April 2015, when the end of public updates for JDK 7 is scheduled. The company has also pointed out that while Java 8 is not supported on Windows XP and the installer doesn’t work on this operating systems, users can run it in most cases by unpacking it manually.

“Although Microsoft has retired Windows XP earlier in April, it continues to be heavily used worldwide, both in corporate and home environments. Our initial advice for XP users was to keep all third-party applications up-to-date and to deploy a solid antivirus solution until they migrate to a newer OS,” said Bogdan Botezatu, Senior E-Threat Analyst at Bitdefender, a security company that will continue to provide support for its products on Windows XP until 2016.

“Although Java 7 will still receive updates, its long-term future on Windows XP is uncertain. It would be unfair to ask companies to support an operating system that is not even supported by its vendor anymore. This is yet another reminder that all XP machines should be transitioned to a newer OS immediately,” Botezatu told SecurityWeek.

Advertisement. Scroll to continue reading.

On Tuesday, Oracle plans on addressing a total of 113 security issues, including 20 Java vulnerabilities that can be exploited remotely without authentication.

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Vulnerabilities

Less than a week after announcing that it would suspended service indefinitely due to a conflict with an (at the time) unnamed security researcher...

Data Breaches

OpenAI has confirmed a ChatGPT data breach on the same day a security firm reported seeing the use of a component affected by an...

IoT Security

A group of seven security researchers have discovered numerous vulnerabilities in vehicles from 16 car makers, including bugs that allowed them to control car...

Vulnerabilities

A researcher at IOActive discovered that home security systems from SimpliSafe are plagued by a vulnerability that allows tech savvy burglars to remotely disable...

Risk Management

The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...

Cybercrime

Patch Tuesday: Microsoft calls attention to a series of zero-day remote code execution attacks hitting its Office productivity suite.

Vulnerabilities

Patch Tuesday: Microsoft warns vulnerability (CVE-2023-23397) could lead to exploitation before an email is viewed in the Preview Pane.

Vulnerabilities

The latest Chrome update brings patches for eight vulnerabilities, including seven reported by external researchers.