Oracle is planning to kill an attacker’s favorite: the Java browser plug-in
Oracle will retire the Java browser plug-in, frequently the target of Web-based exploits, about a year from now. Remnants, however, will likely linger long after that.
“Oracle plans to deprecate the Java browser plugin in JDK 9,” the Java Platform Group said in a blog post Wednesday. “This technology will be removed from the Oracle JDK and JRE in a future Java SE release.”
The Java Development Kit (JDK) 9, the reference implementation for the next version of Java SE, is expected to reach general availability in March 2017. By then, however, most modern browsers will no longer accept the Java browser plug-in anyway.