YOUR FRIENDS' ACTIVITY

    Yahoo 5 Years Behind on Java Security

    By Ben Weitzenkorn, TechNewsDaily Contributor | LiveScience.com – Tue, Feb 12, 2013

    Keeping software up-to-date is one of the easiest and most effective ways to prevent computer infections from wreaking havoc on your system.

    But for some reason, Yahoo is telling its small-business customers to use a version of Java that, by Internet standards, is pretty ancient.

    Yahoo's misstep affects those who use SiteBuilder, a free tool for creating Web pages in Yahoo's hosting environment, reported independent security blogger Brian Krebs.

    SiteBuilder requires the use of the Java software platform. But instead of serving up the latest, most secure version, users are asked to use Java 6 Update 7, which hasn't been current since 2008.

    Yahoo's own page promoting SiteBuilder copyrights all material in 2007, and the SiteBuilder download page recommends Windows XP as the optimal operating system. (SiteBuilder will also run on Windows 2000.)

    Whether Java 6.7 actually is required to run SiteBuilder is still unclear. A commenter on Krebs' site said SiteBuilder would work with newer versions of Java 6, but not with Java 7, introduced in mid-2011.

    We tried installing SiteBuilder, but were advised that "Yahoo! SiteBuilder requires a different version of the Java Runtime Environment than the one found on your computer."

    What is certain is that users operating older versions of Java are at risk to hundreds of exploits that could lead to computer damage, data theft, identity theft and even stolen funds.

    As Krebs notes, outdated versions of Java are the largest point of entry for malware attacks.

    The latest versions of Java had numerous security problems just last month, and many security experts recommend disabling Java entirely in Web browsers.

    [Why and How to Disable Java on Your Computer]

    Combined with an endorsement from Internet behemoth Yahoo, the use of outdated Java code creates a cocktail of confusion and compromised security that disproportionately affects small businesses, many of whom are ill-prepared to handle a malware or hacker attack.

    Earlier this month, Yahoo was found to have failed to patch its implementation of WordPress on a developer page, allowing spammers to hijack Yahoo Mail accounts.

    Last summer, hackers broke into Yahoo's servers and made off with 450,000 usernames, email addresses and unencrypted passwords corresponding to Yahoo! Voices accounts.

    An email seeking comment from Yahoo was not immediately returned.

    This story was provided by TechNewsDaily, a sister site to LiveScience.

    Copyright 2013 LiveScience, a TechMediaNetwork company. All rights reserved. This material may not be published, broadcast, rewritten or redistributed.
    Loading...

    More Science News

     

    News for You »

    • Cricket-Root comes of age for England in familiar surroundings

      By Justin Palmer LEEDS, England, May 25 (Reuters) - Proud sons of Yorkshire have served England well with the bat in 136 years of test cricket and Headingley rose as one on Saturday to acclaim a new home-grown hero in centurion Joe Root. The likes of Herbert Sutcliffe, Leonard Hutton, Geoffrey Boycott and Michael Vaughan have batted with distinction for England. Sutcliffe and Hutton's run-scoring feats have never been forgotten by proud Yorkshire folk despite fading in the mists of time since they made hay in the first half of the 20th century. ...

    • Fired for word: 'Negro' in Spanish class

      One of the first lessons one learns in English class is that context is everything. The same holds true in Spanish.

    • Trucker bumps I-5 bridge, sees tragedy behind him

      MOUNT VERNON, Wash. (AP) — The trucker was hauling a load of drilling equipment when his load bumped against the steel framework over an Interstate 5 bridge. He looked in his rearview mirror and watched in horror as the span collapsed into the water behind him. Two vehicles fell into the icy Skagit River.

    • The Video of the Washington Bridge Collapse Is Terrifying

      Seattle's KIRO-TV got their hands on surveillance video capturing the very moment when a too-heavy truck starts crossing the bridge and the supports start to collapse. You can see the next truck start to cross the bridge as the whole thing is coming apart. It is a terrifying video. Watch the whole thing below: 

    • Cycling-Road-Giro d'Italia classification after stage 20

      May 25 (Infostrada Sports) - Classification from Giro d'Italia after Stage 20 on Saturday 1. Vincenzo Nibali (Italy / Astana) 79:23:19" 2. Rigoberto Uran (Colombia / Team Sky) +4:43" 3. Cadel Evans (Australia / BMC Racing) +5:52" 4. Michele Scarponi (Italy / Lampre) +6:48" 5. Carlos Betancur (Colombia / AG2R) +7:28" 6. Przemyslaw Niemiec (Poland / Lampre) +7:43" 7. Rafal Majka (Poland / Saxo - Tinkoff) +8:09" 8. Benat Intxausti (Spain / Movistar) +10:26" 9. Mauro Santambrogio (Italy / Vini Fantini) +10:32" 10. Domenico Pozzovivo (Italy / AG2R) +10:59" 11. ...

    • Vintage Apple computer auctioned off for $668,000

      An auctioneer says one of Apple's first computers — a functioning 1976 model — has been sold for a record 516,000 euros ($668,000). German auction house Breker said Saturday an Asian client, who asked ...

    • 5 climbers missing on world's 3rd highest mountain

      KATMANDU, Nepal (AP) — A Nepalese official says five climbers are missing and feared dead on the world's third highest mountain.

    • Damage reported from magnitude-5.7 quake in Calif.

      GREENVILLE, Calif. (AP) — Residents in rural northeastern California assessed damage to their homes and businesses Friday from a magnitude-5.7 earthquake, one of the strongest temblors to hit the densely forested region in decades.

    Show More
    Loading...

    Follow Yahoo! News