PITSS Software Experts Advise Developers on Avoiding JAVA Risks for Oracle Forms

Share Article

Due to recent malicious software codes using Java, the experts at PITSS strongly advise developers to take the following precautions.

PITSS strongly encourages organizations to follow the recommendations of Oracle and the Department of Homeland Security; which are to upgrade Java programs in order to reduce system vulnerabilities. PITSS finds this will specifically protect Oracle Forms technology based applications. PITSS is capable through its PITSS.CON software of upgrading and migrating organization’s Oracle Forms applications to an environment free of Java vulnerabilities; and can do so by migrating Oracle Forms applications to ADF.

The Department of Homeland Security’s Recommendation

The United States Department of Homeland Security has recommended that organizations that must run Java to run applications promptly upgrade to Java 7u11 or later (for Oracle Forms application the most recent supported Java version is 7u15). Additionally, The Department of Homeland Security recommends that organizations not currently using Java for its applications disable the Java Runtime and Internet browser plug-ins, in order to reduce the risk of “Zero-Day” vulnerabilities. Attackers have the ability to take advantage of these vulnerabilities and execute malicious codes until a system patch is applied.

PITSS Explains Developer Risks

Martin Disterheft, President of PITSS America explains the risk of running Oracle Forms with a vulnerable Java program “Most Oracle Forms Environments are at risk because the end-user runs older unsupported versions of Oracle Forms applications in their Internet browser via a Java Plug-in. This is a concern for organizations because the only platforms that are supported and certified by Oracle to run Oracle Forms applications on JRE 7 are Forms and Forms” Running JRE 7 with un-certified Oracle Forms releases has been known to cause issues. Thus it is recommended to upgrade the Oracle Forms environment to a supported release before updating the desktops to use JRE 7. Not only does the PITSS.CON software enable orginizations to upgrade any version of Oracle Forms to the latest supported versions in only a few days but also provides a guided process on how to migrate from Oracle Forms to a JRE free environment and therefore significantly reducing the risk of being exposed to any currently unknown security risks.

Oracle’s Vulnerability Assessment and Java Update

The exploit in Java Runtime which has been identified allows attackers, to remotely take control of a computer and run malicious code and software via the Java Runtime and Java Plugin for Internet browsers. There are 58 known vulnerabilities, and the key vulnerabilities used by attackers have been rated the maximum vulnerability level of 10, as indicated by the Common Vulnerability Scoring System. The recommended solution is to upgrade to Java 7u15 or higher which address 47 of these vulnerabilities.

For more information on PITSS or PITSS.CON please email info@pitssamerica.com

PITSS is the leading supplier of fully integrated solutions for effective management of Oracle Forms applications. PITSS specializes in the Modernization and Development of Oracle Fusion Middleware Development Tools (Forms, Reports, JDeveloper / ADF, Application Express) and WebLogic. PITSS enables organizations to increase business value and decrease overall costs by leveraging their existing investment made in Oracle technologies. PITSS offers customers its innovative PITSS.CON software, services and area expertise to automate upgrades and migrations of legacy Oracle Forms and Reports applications to 11g, ADF / Java and APEX.

PITSS was founded in 1999 and is based in Troy, Michigan. PITSS is an Oracle Gold Partner and a member of the Oracle Modernization Alliance.

Visit PITSS at http://www.pitss.com or follow them on Twitter @PITSSAmerica

Share article on social media or email:

View article via:

Pdf Print

Contact Author

Martin, Disterheft
Visit website