14 DAY TRIAL // In March, Websense reported that almost 93% of Java users had not updated their installations. On Tuesday, in a study on the business adoption on Java 7 updates, the company reported that, one month after its release, only around 7% of users had updated to Java 7 u21.
According to Websense, less than 2% of users updated their installations 2 days after the release of the patch. One week later, the adoption rate was at less than 3%, and 2 weeks later, it was just over 4%.
Java 7 Update 21 fixes 42 vulnerabilities, including 39 that can be remotely exploited. At least one of them has been integrated into exploit kits and is actively exploited in the wild.
This means cybercriminals have a large number of computers they can easily infect.
Oracle has recently claimed that maintaining the security-worthiness of Java is one of the company’s priorities. However, besides their own policies and procedures, maybe they should also focus on raising awareness and getting people to actually apply the updates they release.