As an IT admin, it is important to understand the security implications of updating Java 8 with the latest security feature, Update 20. This update was released in April 2014 and includes several changes to the security model for Java applications, as well as the ability to disable certain prompts. This article will explain the security implications of the update and provide instructions for disabling the prompts.
The primary security feature of Update 20 is the introduction of the Security Baseline. This is a set of security policies that are applied to all Java applications and applets. The baseline is designed to reduce the risk of malicious code being run on a user’s system, by preventing the execution of unsigned or unverified code. The baseline also prevents the execution of code signed with a certificate that has expired or been revoked.
The other major change in Update 20 is the introduction of the Security Prompts. These are pop-up windows that are triggered when an unsigned or unverified applet or application is encountered. The prompt will ask the user to confirm whether the code should be allowed to execute.
The security implications of the update are that it reduces the risk of malicious code being executed on a user’s system. However, it also means that certain applications may be blocked from running, as they may not be signed or verified. Additionally, users may be annoyed by the security prompts, which can be disruptive and time consuming.
Fortunately, it is possible to disable the security prompts in Update 20. To do so, open the Java Control Panel (Start > Control Panel > Java). From the Security tab, select the “Enable Java Content in the Browser” checkbox and then click the “Advanced” button. Under Security Settings, select the “Do not show security prompts” option and then click “OK”.
This will disable the security prompts, but it is important to note that the baseline security policies remain in place. This means that unsigned or unverified code will still be blocked from running.
In conclusion, Update 20 to Java 8 has a number of security implications, which include the introduction of the Security Baseline and the Security Prompts. The Security Baseline helps to reduce the risk of malicious code being run on a user’s system, but it also means that certain applications may be blocked from running. The Security Prompts can be disruptive and time consuming, but they can be disabled using the Java Control Panel. Ultimately, it is important for IT admins to understand the security implications of the update and the options available for disabling the prompts, if necessary.