 |
 |
On Tue, 5 Feb 2013 13:41:00 -0500, STeve Andre' <[log in to unmask]> wrote: >On 02/05/13 13:36, David Graff wrote: >> On Tue, 5 Feb 2013 13:28:47 -0500, STeve Andre' <[log in to unmask]> wrote: >> >>> On 02/05/13 13:24, David Graff wrote: >>>> Is anyone else in a situation where they need extended support on a >>>> now-defunct version of the Java Runtime? We run an application that will >>>> only work with JRE 6, which is hitting support EOL at the end of the month. >>>> The application launches through the browser plugin, and at the rate that >>>> Java vulnerabilities are coming out that could prove to be a huge liability. >>>> >>> Given the wonderful track record of Java as of late, I would spend >>> money to fix this if at all possible. NO ONE I know who uses Java >>> is resisting the move to 1.7 -- staying current with Java has proved >>> as important as keeping Flash current. >>> >>> If this is some proprietary thing, I'd lean heavily on the place that >>> makes it to allow for an upgrade. >>> >>> --STeve Andre' >> Unfortunately, 1.7 isn't an option. It's a canned product that is then >> customized in-house, and we are a couple releases behind. The latest version >> dumps the JRE for a standard Oracle Forms interface, but all the existing >> content has to be re-written before that upgrade can occur and I'm expecting >> that to take a few years. >> >> Believe me, I would love to rip out every single JRE install and never touch >> that terrible software again but it just isn't an option. >> >> >I understand. That being the case I would isolate the machine >as much as possible. I'd keep it off the net entirely and bring >in data only when reconnected, or by USB device. > >The latest 1.7 update contains a horrifying number of fixes, >and most of those problems are in 1.6. That box is going to >be a real horror if some nasty Java exploit is in the wild and >hits it. > >--STeve Andre' Well, it's browser-based client software running on every one of our 500 domain workstations. Plus some users in other departments around campus. Isolation isn't exactly an option here. Basically, I'm screwed. Just not sure to what extent yet.