Yahoo 5 Years Behind on Java Security

Ben Weitzenkorn, TechNewsDaily Contributor

February 12, 2013 at 5:55 PM

Keeping software up-to-date is one of the easiest and most effective ways to prevent computer infections from wreaking havoc on your system.

But for some reason, Yahoo is telling its small-business customers to use a version of Java that, by Internet standards, is pretty ancient.

Yahoo's misstep affects those who use SiteBuilder, a free tool for creating Web pages in Yahoo's hosting environment, reported independent security blogger Brian Krebs.

SiteBuilder requires the use of the Java software platform. But instead of serving up the latest, most secure version, users are asked to use Java 6 Update 7, which hasn't been current since 2008.

Yahoo's own page promoting SiteBuilder copyrights all material in 2007, and the SiteBuilder download page recommends Windows XP as the optimal operating system. (SiteBuilder will also run on Windows 2000.)

Whether Java 6.7 actually is required to run SiteBuilder is still unclear. A commenter on Krebs' site said SiteBuilder would work with newer versions of Java 6, but not with Java 7, introduced in mid-2011.

We tried installing SiteBuilder, but were advised that "Yahoo! SiteBuilder requires a different version of the Java Runtime Environment than the one found on your computer."

What is certain is that users operating older versions of Java are at risk to hundreds of exploits that could lead to computer damage, data theft, identity theft and even stolen funds.

As Krebs notes, outdated versions of Java are the largest point of entry for malware attacks.

The latest versions of Java had numerous security problems just last month, and many security experts recommend disabling Java entirely in Web browsers.

[Why and How to Disable Java on Your Computer]

Combined with an endorsement from Internet behemoth Yahoo, the use of outdated Java code creates a cocktail of confusion and compromised security that disproportionately affects small businesses, many of whom are ill-prepared to handle a malware or hacker attack.

Earlier this month, Yahoo was found to have failed to patch its implementation of WordPress on a developer page, allowing spammers to hijack Yahoo Mail accounts.

Last summer, hackers broke into Yahoo's servers and made off with 450,000 usernames, email addresses and unencrypted passwords corresponding to Yahoo! Voices accounts.

An email seeking comment from Yahoo was not immediately returned.

This story was provided by TechNewsDaily, a sister site to LiveScience.

Yahoo Sports
Based on the odds, here's what the top 10 picks of the NFL Draft will be
What would a mock draft look like using just betting odds?
3d ago
Yahoo Sports
Broncos, Jets, Lions and Texans have new uniforms. Let's rank them
Which new uniforms are winners this season?
1d ago
Yahoo Finance
Jamie Dimon is worried the US economy is headed back to the 1970s
JPMorgan's CEO is concerned the US economy could be in for a repeat of the stagflation that hampered the country during the 1970s.
2d ago
Yahoo Sports
Luka makes Clippers look old, Suns are in big trouble & a funeral for Lakers | Good Word with Goodwill
Vincent Goodwill and Tom Haberstroh break down last night’s NBA Playoffs action and preview several games for tonight and tomorrow.
21h ago
Autoblog
These are the cars being discontinued for 2024 and beyond
As automakers shift to EVs, trim the fat on their lineups and cull slow-selling models, these are the vehicles we expect to die off soon.
2d ago
Yahoo Sports
Dave McCarty, player on 2004 Red Sox championship team, dies 1 week after team's reunion
The Red Sox were already mourning the loss of Tim Wakefield from that 2004 team.
5d ago
Yahoo TV
Everyone's still talking about the 'SNL' Beavis and Butt-Head sketch. Cast members and experts explain why it's an instant classic.
Ryan Gosling, who starred in the skit, couldn't keep a straight face — and neither could some of the "Saturday Night Live" cast.
2d ago
Yahoo Sports
Ryan Garcia drops Devin Haney 3 times en route to stunning upset
The 25-year-old labeled "mentally fragile" by many delivered the upset for the ages.
4d ago
Yahoo Sports
WNBA Draft winners and losers: As you may have guessed, the Fever did pretty well. The Liberty? Perhaps not
Here are five franchises who stood out, for better or for worse.
10d ago
Yahoo Sports
Arch Manning dominates in the Texas spring game, and Jaden Rashada enters the transfer portal
Dan Wetzel, Ross Dellenger & SI’s Pat Forde react to the huge performance this weekend by Texas QB Arch Manning, Michigan and Notre Dame's spring games, Jaden Rashada entering the transfer portal, and more
3d ago
Yahoo Sports
Chiefs make Andy Reid NFL's highest-paid coach, sign president Mark Donovan, GM Brett Veach to extensions
Reid's deal reportedly runs through 2029 and makes him the highest-paid coach in the NFL.
3d ago
Yahoo Sports
Yankees' Nestor Cortés told by MLB his pump-fake pitch is illegal
Cortés' attempt didn't fool Andrés Giménez, who fouled off the pitch.
5d ago
Yahoo Life
Here’s when people think old age begins — and why experts think it’s starting later
People's definition of "old age" is older than it used to be, new research suggests.
3d ago
Yahoo Finance
Donald Trump nabs additional $1.2 billion 'earnout' bonus from DJT stock
Trump is entitled to an additional 36 million shares if the company's share price trades above $17.50 "for twenty out of any thirty trading days" over the next three years.
2d ago
Yahoo Finance
Retirement confidence in the US ticks up; new rule for financial advisers is set to start
Two-thirds of Americans reported that they feel confident they have enough money for a comfortable retirement, up a notch from last year.
6h ago
Yahoo Sports
2024 NFL mock draft: With one major trade-up, it's a QB party in the top 5
Our final 2024 mock draft projects four quarterbacks in the first five picks, but the Cardinals at No. 4 might represent the key pivot point of the entire board.
4d ago
Yahoo Sports
Oakland University outfielders combine to make spectacular catch vs. Northern Kentucky
Oakland University outfielders John Lauinger and Reggie Bussey combined on what could be college baseball's best catch of the 2024 season against Northern Kentucky.
4d ago
Yahoo Finance
GDP: US economy grows at 1.6% annual pace in first quarter, falling short of estimates while inflation increases
The reading of first quarter economic growth comes at a crucial time as investors digest the potential impacts of the Fed holding interest rates higher for longer.
3h ago
Yahoo Sports
Dylan Edwards set to be latest Colorado running back to enter transfer portal
All four rushers who had more than 10 carries in 2023 for the Buffaloes are transferring.
2d ago
Yahoo Sports
NBA Playoffs: Lillard sinks the Pacers, Celtics-Heat controversy, plus injury concerns for Kawhi & Embiid
Vincent Goodwill and Amin Elhassan react to (just about) every Round 1 game of the NBA Playoffs after the first games have been played over the weekend.
3d ago

News

Life

Entertainment

Finance

Sports

New on Yahoo

David Pecker returns to witness stand in Trump's hush money trial

Yahoo 5 Years Behind on Java Security

Recommended Stories

Based on the odds, here's what the top 10 picks of the NFL Draft will be

Broncos, Jets, Lions and Texans have new uniforms. Let's rank them

Jamie Dimon is worried the US economy is headed back to the 1970s

Luka makes Clippers look old, Suns are in big trouble & a funeral for Lakers | Good Word with Goodwill

These are the cars being discontinued for 2024 and beyond

Dave McCarty, player on 2004 Red Sox championship team, dies 1 week after team's reunion

Everyone's still talking about the 'SNL' Beavis and Butt-Head sketch. Cast members and experts explain why it's an instant classic.

Ryan Garcia drops Devin Haney 3 times en route to stunning upset

WNBA Draft winners and losers: As you may have guessed, the Fever did pretty well. The Liberty? Perhaps not

Arch Manning dominates in the Texas spring game, and Jaden Rashada enters the transfer portal

Chiefs make Andy Reid NFL's highest-paid coach, sign president Mark Donovan, GM Brett Veach to extensions

Yankees' Nestor Cortés told by MLB his pump-fake pitch is illegal

Here’s when people think old age begins — and why experts think it’s starting later

Donald Trump nabs additional $1.2 billion 'earnout' bonus from DJT stock

Retirement confidence in the US ticks up; new rule for financial advisers is set to start

2024 NFL mock draft: With one major trade-up, it's a QB party in the top 5

Oakland University outfielders combine to make spectacular catch vs. Northern Kentucky

GDP: US economy grows at 1.6% annual pace in first quarter, falling short of estimates while inflation increases

Dylan Edwards set to be latest Colorado running back to enter transfer portal

NBA Playoffs: Lillard sinks the Pacers, Celtics-Heat controversy, plus injury concerns for Kawhi & Embiid