Java’s security dilemma: Old, vulnerable versions won’t go away

Users of Java are caught between a rock and a hard place. They often need an older version of Java to run their applications, but those aged releases are susceptible to security breaches, which have plagued Java in recent years. Java accounted for 91 percent of Web exploits tallied — and 14 percent of all successful PC exploits — in Cisco Systems’ recent 2014 Annual Security Report, far outpacing Adobe Flash and PDF documents, the other major “popular vectors for criminal activity,” the report states. Specifically, Java on the client is the problem.