Java SE 7 Now Lets Administrators Control What Versions Can Run Where

 Oracle Rolls Out New Monitoring, Security Features for Java SE 7

Oracle on Wednesday announced the availability of the Oracle Java Development Kit (JDK) 7 Update 40 (JDK 7u40), a release that gives system administrators more control over Java running on desktops, along with several other enhancements.

The latest security feature being introduced is called “Deployment Rule Set,” a feature that allows a system administrator to control which applets or Java Web Start applications an end user is permitted to execute and which version of the Java Runtime Environment (JRE) is associated with them.

According to a recent study from Bit9, the majority of enterprises likely have more than one version of Java installed on endpoints, and many of them still are running outdated versions of Java 6. After analyzing roughly one million endpoints across several hundred deployments, Bit9 researchers found that 42 percent of endpoints had more than two versions of Java installed at the same time. 

This happens because running the installer creates a new instance of Java on the system without removing the older versions, Harry Sverdlove, CTO of Bit9, told SecurityWeek previously.

As Oracle’s Erik Costlow explains in a blog post, the deployment rule set available in JDK 7u40 addresses two major points: 

1. The desktop administrator’s ability to control Java version compatibility, and default choices on the end-user’s desktop. For example, your users may use the most recent security updates for most browser applets but still use an old Java 1.6 for that one legacy application that is no longer maintained.

2. The end-user’s awareness of who created the application and their default interaction (ask, run, or block). By seeing the actual company or signer, the user is protected from running code by someone that they do not know. For example, I would trust “My University” or “Erik Costlow” but not “Unknown publisher” or someone else claiming to be me.

Deployment Rule Set provides a common environment to manage employee access in a controlled and secure manner, Oracle said.  
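
As an added illustration (not taken from Oracle's announcement or Costlow's post), a rule set for the legacy-application case above might look like the following. The element and attribute names follow the Deployment Rule Set `ruleset.xml` format; the hostnames and message text are constructed placeholders.

```xml
<!-- ruleset.xml: added example; hostnames and message text are constructed -->
<ruleset version="1.0+">

  <!-- The one legacy, unmaintained application: allowed to run without
       prompts, on a Java 6 runtime rather than the newest JRE. -->
  <rule>
    <id location="https://legacy-app.intranet.example" />
    <action permission="run" version="SECURE-1.6" />
  </rule>

  <!-- Every other internal application: allowed to run, with no version
       attribute, so no older runtime is requested for it. -->
  <rule>
    <id location="https://*.intranet.example" />
    <action permission="run" />
  </rule>

  <!-- Catch-all. Rules are evaluated top to bottom and the first match
       wins, so this only applies to content not matched above.
       permission="default" here would instead fall back to the normal
       Java security prompts (the "ask" behaviour). -->
  <rule>
    <id />
    <action permission="block">
      <message>Blocked by desktop policy. Contact the help desk.</message>
    </action>
  </rule>

</ruleset>
```

The file takes effect only once it is packaged as `ruleset.xml` inside a signed `DeploymentRuleSet.jar` and installed on the desktop by an administrator, so the signing key for that JAR needs the same protection as any other code-signing key.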

Other features and enhancements to JDK 7 include advanced monitoring and diagnostic capabilities that enable customers to gather detailed runtime information and perform efficient data analysis, improved performance and efficiencies for Java on ARM servers, and support for Mac OS X retina displays.

The software giant also said that Oracle Java Mission Control and Oracle Java Flight Recorder are now available as commercial features in the Oracle Java SE Advanced offering.

Oracle Java Mission Control and Oracle Java Flight Recorder continuously collect detailed runtime information, with little overhead, from the JVM and other event producers, such as application servers, Oracle explained.

Customers can use the graphical tools for profiling and after-the-fact incident analysis to understand and resolve issues and for monitoring and fulfilling service level agreements (SLAs).

With expanded support for Apple hardware, Java will now recognize Mac OS X retina displays and automatically generate higher resolution graphics.

“With JDK 7 Update 40 Oracle and the Java community are delivering features and enhancements to the Java platform that provide advanced monitoring and analysis of Java application data, which will help enterprise customers more rapidly analyze, understand and resolve issues; greater security and control over end user Java environments for system administrators; increased efficiency and responsiveness of Java applications running on ARM servers and an overall improved user experience for both developers and end users,” said Georges Saab, vice president of Java SE development, Oracle.

Early this year, Oracle acknowledged the security concerns surrounding Java. On a conference call in January, Oracle’s Milton Smith, head of Java security, promised increased efforts to communicate with the Java community about security, but agreed that talking about it would not be enough.

“No amount of talking or smoothing over is going to make anybody happy or do anything for us,” Smith said at the time. “We have to fix Java.”

Oracle will highlight the latest Java technology updates at its JavaOne conference taking place in San Francisco from September 22-26.

Copyright © 2024 SecurityWeek ®, a Wired Business Media Publication. All Rights Reserved.

Exit mobile version