Dive Brief:
- Oracle, which acquired Java in 2010 when it bought Sun Microsystems, Inc., settled allegations by the Federal Trade Commission that it failed to notify customers about hacking dangers.
- The charges stem from when the company released security updates for an estimated 850 million U.S. computers with Java SE software.
- The FTC says the updates removed some of the problematic software but left behind older versions of Java that were susceptible to hacking.
Dive Insight:
The FTC alleged that Oracle promised consumers that its updates to Java would make the software "safe and secure," yet it failed to advise them that those running older versions of Java would still be vulnerable.
Oracle declined comment on the settlement.
The settlement requires Oracle to notify customers on Twitter or Facebook about how to remove the older software.
It's unlikely Oracle intended to mislead consumers, Rob Enderle, principal analyst with Enderle Group, suggested. Much more likely is that "they simply didn't fully think through what they were saying."