Oracle has announced that it’ll soon be killing off the Java browser plugin, news that security-conscious users and IT professionals will no doubt welcome with open arms.
In a brief blog post, Oracle acknowledged that by late 2015, many browser makers either removed or announced timelines for the removal of plugins that use the old Netscape Application Programming Interface (NPAPI) standard – a decision that eliminated the ability to embed Flash, Java, Silverlight and other plugins.
True enough, Java has been a thorn in the side of web security for years. Kaspersky Lab said that in 2012, Java was responsible for 50 percent of all cyber attacks in which hackers broke into a computer by exploiting bugs in software. It got so bad that even the Department of Homeland security urged consumers to disable Java.
Oracle said it plans to deprecate the Java browser plugin in JDK (Java Development Kit) 9 which is slated to be released on September 22 of this year. They’re not necessarily killing it in one fell swoop but rather sweeping it under the rug. It will ultimately be removed from the Oracle JDK and JRE in a future Java SE release, the company said.
Oracle recommends that developers of apps that rely on the Java browser plugin consider alternative options such as migrating to the plugin-free Java Web Start technology. Oracle also published a white paper with information on how to migrate away from the Java plugin.