Vulnerability Development mailing list archives

Java - JRE, SDK Java Web Start

From: jfvanmeter () comcast net
Date: 16 Jul 2007 15:18:37 -0000

How does everyone feel about java being installed by vendors in a propriety path i.e. program 
files\mysoftware\bin\jre\1.4.0\ and never patching it. 

I ran an enterprise scan to looking for javaws.exe and found it in 175 unique paths. Should they be held accountable 
for the patching of java when they install it?

I had one vendor who installed java 1.3 and 1.4, and when I ask them about it. There statement was you dont have the 
modules that require those versions you can just delete them

How does everyone patch Java that is not installed in its default location?

Current thread:

Java - JRE, SDK Java Web Start jfvanmeter (Jul 17)
- Re: Java - JRE, SDK Java Web Start Kish Pent (Jul 17)
- Re: Java - JRE, SDK Java Web Start Blue Boar (Jul 17)
- Re: Java - JRE, SDK Java Web Start 3APA3A (Jul 18)
- <Possible follow-ups>
- Re: Java - JRE, SDK Java Web Start jfvanmeter (Jul 18)