With the Java SE Development Kit 9, to be published in March 2017, wants to Oracle deliver Java without the unsafe extensions. Who can not do without, despite the high security risks on this Plugin, it should change according to Oracle, the Plug-in-free Java Web Start technology.
As Oracle explains in a Blog, will determined to the Java Browser Plug-in with the release of JDK 9 (Java Development Kit) as “out of date”. “In the course of the future Releases of the Java SE (Standard Edition) is removed the Plugin from both the Oracle JDK from the Oracle Java Runtime Environment (JRE),” according to Oracle.
But who is instructed, for example, Java Applets, which are supported by the Java Plug-in, can be implemented by using the Java Web Start technology. First test versions of JDK 9 is available according to Oracle, is already available for Download. In addition, the company informed developers in a white paper (PDF) about migration options of the Java applet Plug-in-free Java technologies.
Java, Reader, and Flash to draw for 66 percent of all pests and pest variants in the past 10 years. Source: AV-Test
The Java Browser Plug-in-based, such as the one of security leaks plagued platforms, Adobe Flash and Microsoft Silverlight on NPAPI (Netscape Plug-in Application Programming Interface). This is a Standard for Browser extensions dates back to the 90s, and has been for some years in the criticism, to be a gateway for attackers.
So Google announced about 2014, block 2015, by default, all NPAPI-based extensions. Therefore, the existing exceptions for Java fell, Silverlight, and Google Earth Plug-in path. Mozilla will no longer support NPAPI Plug-ins from the end of 2016. Apple has been supporting since 2013 with Mac OS x 10.7, the Java plug-in no longer.
A further Problem is that many users will see in the fact that Oracle if it is not with Java users in the Installation, a Toolbar of questionable Benefit under cheers, if there is a Check-Box against it.
[mit Material von Rainer Schneider, ITespresso.de]