Update 80 Vulnerabilities: Java 7

The Legacy Risk: Java 7 Update 80 and the Perils of EOL Software

K17079: Java SE vulnerabilities CVE-2015-2590 and ... - My F5 java 7 update 80 vulnerabilities

CVE-2017-10271: A flaw in the WLS Security component that allowed for remote exploitation without authentication. The Legacy Risk: Java 7 Update 80 and

| Use Case | Risk Level | Recommendation | | :--- | :--- | :--- | | Desktop user with browser plugin active | CRITICAL | Uninstall immediately. Any web browsing exposes you to drive-by exploits. | | Desktop user, plugin disabled, only offline apps | HIGH | The moment an application calls Runtime.exec() on remote data, you are vulnerable. Migrate apps. | | Legacy server (Windows 2008 / Solaris) | HIGH | Deserialization and RMI exploits can lead to complete compromise. Isolate the server with strict firewalls. | | Embedded system (ATM, medical device) | HIGH to EXTREME | Physical attack surface plus network exposure is a disaster. Contact the vendor for an embedded JVM update. | Notifications: