Oracle Finally Kills Java Browser Plugin

goodbye-javaOracle’s much-abused Java browser plugin is finally en route to its final resting place. According to Oracle, the plugin will be deprecated in the next release of Java version 9—which is currently available in an early beta stage.

The Java plugin has long been a source of many security flaws and malware issues. Oracle, who acquired Java as part of its 2010 purchase of Sun Microsystems, acknowledged the impact that the Java plugin has had on security and committed to a Microsoft-style “security push”. However, a number of incidents over the years have shown how older versions of Java could be widely and heavily exploited by attackers. Taken altogether, these developments tell us that the threat environment for Java has increased significantly in ways that have not been easy to address.

[READ: Windows XP and Java 6: Creating the “Perfect Storm” for Attacks in 2014]

Java’s quick rise to fame 20 years ago started with the introduction of applets which allowed richer development functionality through a browser plugin during a time when browser capabilities were limited. As Java evolved to become one of the chief development platforms, so did the applets hosts—the web browsers. This eventually led to browser makers restricting standards based on plugin support from their products. By late 2015, browser vendors such as Microsoft and Google killed off support for Java applets for Edge and Chrome.

The demise of the Java plugin technology will completely take place in a future Java release (TBD). Oracle warns businesses who still rely on Java browser plugin that this will be the final call to migrate away from the plugin.


Like it? Add this infographic to your site:
1. Click on the box below.   2. Press Ctrl+A to select all.   3. Press Ctrl+C to copy.   4. Paste the code into your page (Ctrl+V).

Image will appear the same size as you see above.