SoylentNews is people

posted by cmn32480 on Wednesday October 28 2015, @09:17PM
from the there-are-bigger-risks???? dept.

Or so El Reg is telling us:

Apple's Windows apps have leapfrogged Oracle Java as the biggest security risk to PCs in the US, according to a study by vulnerability management outfit Secunia (now a Flexera Software company). [...]

Secunia's latest quarterly report, seen by The Reg, is a snapshot of software security on PCs used by folks in the US and 14 other countries. For the first time in four consecutive quarters, Java 7 isn't topping the list of most dangerous programs: Apple apps have taken the lead in the third quarter of 2015. [...]

Apple QuickTime 7.x and Apple iTunes 12.x top the list as the most exposed applications on US Windows PCs – a lot of people use them and not a lot of people are patching, in other words.

I thought the greatest risk to Windows PC users was the fact that Windows is installed on it. This seems to continue with Windows 10 according to this story also from El Reg.


  • (Score: 4, Informative) by Nerdfest on Wednesday October 28 2015, @09:31PM

    by Nerdfest (80) on Wednesday October 28 2015, @09:31PM (#255771)

    I really wish they'd be more specific and say "Oracle Java Applets", which are not all that common, rather than Java as a Language or a VM.

  • (Score: 2) by Runaway1956 on Wednesday October 28 2015, @09:51PM

    by Runaway1956 (2926) Subscriber Badge on Wednesday October 28 2015, @09:51PM (#255775) Journal

    The last I heard, Adobe had more exploits than anyone else. Interesting that Oracle has taken over that lead position.

    • (Score: 2) by frojack on Thursday October 29 2015, @12:01AM

      by frojack (1554) on Thursday October 29 2015, @12:01AM (#255815) Journal

      Came here to say the same thing.

      Either everyone had selected a different PDF reader and photo editor, or the survey must be flawed.

      --
      No, you are mistaken. I've always had this sig.
      • (Score: 1) by tftp on Thursday October 29 2015, @12:57AM

        by tftp (806) on Thursday October 29 2015, @12:57AM (#255836) Homepage

        Either everyone had selected a different PDF reader and photo editor, or the survey must be flawed.

        Can't say about everyone, but I haven't touched Acrobat Reader since version 9. That was many years ago. Today I'm using Foxit Reader on Windows. There are several on Android. There is no Photoshop on this PC; Paint.Net is all that I need.

      • (Score: 2) by Celestial on Thursday October 29 2015, @03:29AM

        by Celestial (4891) on Thursday October 29 2015, @03:29AM (#255871) Journal

        I haven't used Adobe anything for a few years. For PDFs, I use PDF-XChange Viewer. For photographs, Paint.Net is more than sufficient for my needs.

    • (Score: 0, Offtopic) by rigrig on Thursday October 29 2015, @08:56AM

      by rigrig (5129) <soylentnews@tubul.net> on Thursday October 29 2015, @08:56AM (#255937) Homepage

      This ranking isn't about which is the most dangerous software to use, but which makes the most people vulnerable to known exploits:
      They rank by <% marketshare> * <% of unpatched installs> = <% of PCs made vulnerable to known exploits by this software>

      --
      No one remembers the singer.
  • (Score: 3, Interesting) by Marand on Wednesday October 28 2015, @11:25PM

    by Marand (1081) on Wednesday October 28 2015, @11:25PM (#255800) Journal

    I really wish they'd be more specific and say "Oracle Java Applets", which are not all that common, rather than Java as a Language or a VM.

    I agree, but good luck getting anyone to properly make that distinction when people that should know better still commonly confuse Java with JavaScript, two languages with almost nothing in common other than four letters of their names. It's like confusing your car and your carpet.

    It's a travesty, but that's what happens with design-by-committee naming, especially when you get marketing involved. (See here. [javaworld.com]) A clearer choice would have been to name the parts separately, but when the language started (before it became Java), the applet aspect didn't exist and there was only one language, so it probably didn't make sense to separate the language and VM. By the time the applet idea happened and trademarking discussions started, marketing was involved and there was probably no chance in hell they could get named more clearly.

    Surprisingly, this is something Microsoft deserves credit for; C# is the language (like Java), .NET is the platform (like the Java platform and API), and the CLR is the JVM equivalent. It's a disaster from a marketing standpoint, but it's explicitly clear which part you're talking about at any point. Of course, MS had the benefit of hindsight here, because Java had already tread that ground and made those mistakes for them. On the Java side, we're stuck with people forever conflating java applet vulnerabilities with "omg Java sucks look at all the security problems!"

    ---

    Personally, I think java applets should die in a fire and I hate the Java programming language, but I still have some respect for the design of the JVM and like a few of the languages that target the JVM, like Clojure. It's also interesting that the JVM + built-in classes has a lot in common with what I've read about the Smalltalk-powered, object-based computer Alan Kay and others worked on in the dimly remembered ancient history of computing. Add a shell (or REPL) and it's like a virtual OS with its own path (CLASSPATH) and programs (the classes), and you sort of get a feel for what Smalltalk and the Dynabook were supposed to be, albeit in a lesser form.

    I've found this side of the Java platform to be interesting and even rather nice, though only after finding a language that isn't Java to make interacting with it tolerable.