Oracle gets away clean, no fine, only a slap on the wrist

Dec 22, 2015 12:46 GMT

Oracle representatives have agreed to come to a settlement with the Federal Trade Commission (FTC) in a four-year-old legal battle regarding falsely advertised Java security updates.

Java, a popular piece of software with over 850 million users worldwide, is often used both online and in offline applications, such as games, chat apps, browser plugins, and more.

According to the FTC, in 2010, after Oracle acquired Java through its purchase of Sun, the company promised Java security updates that did not deliver what was advertised.

As an FTC investigation discovered, Oracle was delivering Java updates that only removed recent versions of Java SE but left behind extremely old releases, even when those were known to be extremely vulnerable.

The FTC filed an official complaint, but officials said that Oracle continued with this insufficient and inefficient update process until August 2014.

Flawed update process left older, vulnerable Java versions behind

The problem, in the FTC's eyes, resides in the fact that Oracle never let users know during the update installation process that they needed to manually remove older versions of the software, and that this operation was not carried out automatically by the update installer itself. To be fair, the FTC did say that Oracle had such a notice on its website.

According to a statement released yesterday, the two parties decided to come to an agreement regarding this issue, with no fine for Oracle.

"Under the terms of the proposed consent order, Oracle will be required to notify consumers during the Java SE update process if they have outdated versions of the software on their computer, notify them of the risk of having the older software, and give them the option to uninstall it," reads the settlement.

Additionally, the company will be prohibited from making any false or deceptive statements regarding its products' security and privacy, will have to provide instructions and tutorials for users on how to remove older Java versions, and will have to publish the settlement's details on its website and social media accounts.