Greetings, I represent a commercial software organization with numerous signed Java Applets deployed by hundreds of large IT organizations around the world. Most are invoked by JavaScript. I don't know exactly how many end users we have, but it's safe to say it's >10,000 and perhaps >100,000. The application is for file management, so naturally the Applets are designed to work with user's directories/folders and files.
We have been mostly blind-sided by Java 7 Updates 21 & 25, and I fear that Update 40 will hit us again in some unexpected way. We are trying to change our Applet architecture to align with the go-forward approach, but I can't seem to find any decent forward-looking information. Somewhere, probably inside Oracle, such plans exist. Are they secret? If not, can they be shared? To be clear, those of us who understand how Applets work in browsers (including JavaScript integration) have known about most of the security problems that have been fixed already. What we need to know is the ordering/pacing of forthcoming security changes, so we have a chance of focusing our work to deploy patches to customers timed to align with the time when Oracle sends Java updates. Thanks, Mark Ludwig Lifecycle Coll Product Lifecycle Management Siemens Industry Sector Siemens Product Lifecycle Management Software Inc. 5939 Rice Creek Parkway Shoreview, MN 55126 United States Tel. :+1 (651) 855-6140 Fax :+1 (651) 855-6280 [email protected] <[email protected]%20> www.siemens.com/plm
