JAVA Runtime Environment = Safe or Not Safe ???

[BuckSkin]

I have a program that I want to install that says it requires JRE Version 7 or later.

Sometime ages ago, I purged anything JAVA from our machines and have thus far been careful to avoid it; I don't really know why; it just seemed like the smart thing to do at the time.

I Google-searched the situation, but all of the info that I came up with was 2013 or earlier and only led to confuse me further, what with JAVA this and JAVA that.

Is it currently safe to install this JAVA Runtime Environment; where do I safely download it; and, which is the latest version ?

Or, should I just forget the new program (and a couple others that I have that will not work without it) ?

Thanks for reading and all help is appreciated.

 

[file3456]

I think the biggest issue is when Java is allowed to execute in the browser. You probably could disable the plugin for Java in the browser though.

Your assumption about Java being a security issue is correct since even java script can be malicious. Especially Flash. Thankfully Flash is going away and HTML5 is taking over.

If you decide to use Java then just keep it updated. I had to use Java myself for a program which I was reluctant to do, but I really needed the program so what are you gonna do?

 

[townsbg]

I agree. If you install it disable it in the browsers so that malicious websites don't try to use it. Any program running outside of the browser would work just fine.

 

[BuckSkin]

I had to use Java myself for a program which I was reluctant to do, but I really needed the program so what are you gonna do?

I agree. If you install it disable it in the browsers so that malicious websites don't try to use it. Any program running outside of the browser would work just fine.

Thanks !

I found this:
There are two choices and I have no idea which I should get; I am not even remotely certain that this is the JRE that I need.

Java SE Runtime Environment 8 - Downloads

 

[file3456]

You just need this. Download Free Java Software

 

[BuckSkin]

You just need this. Download Free Java Software

Thanks !

 

[Banyarola]

Personally I wouldn't install it at all...Too risky.
I uninstalled it a long time ago..

 

[Alejandro85]

To begin with, it was never unsafe to install Java, and it isn't neither now.
What you mention is a long series of attempts of Microsoft to spread FUD against it to promote its own clone (the .NET Framework). But the fact is that Java never was a tremendous security menace and installing it always was and is mostly harmless.
You can confirm this by reading past just the big flashing headlines saying "Java security problem!!!!!" and the like. Serious publications correctly pondered where the problems are and the real extent of possible security risks.


To be fair, Java wasn't without problems. But what nobody mentions (blinded by MS FUD and its army of fanboys) is that the most problematic parts is the Java browser plugin, that had diverse exploits that break the browser "sandbox" in some way or another.
Java is much more than a browser plugin, it's actually a runtime library, whose sole purpose in life is to provide assistance to other programs. While not having it means that no Java program will ever run, including malware, it's also important to note that legimitate programs are very rarely exploited though its runtime library and while possible, bugs in the programs themselves are much more common. Think of the risk of having Java as roughly similar to the risk of having .NET or the C++ runtimes.
The browser plugin is a quite different history because of its own nature, as it breaks the bases of web browsing by allowing arbitrary programs to run inside the browser, in the very same way as for instance Flash or Silverlight. Also, many bugs have been found over the years in this regard, made the exploit easier. The press played their role by greatly magnifing the impact of such bugs and spreading even more FUD than actually deserved.


So yes, there is no significant risk just by installing Java. Just disable the browser plugin if you want to be extra-sure. Current browser versions have ruled out Java too, so that's not even necesary or even possible.

where do I safely download it; and, which is the latest version ?

As always, the ONLY safe place to download anything is its official web page. In the case of Java you can find it here:
Download Free Java Software

Your assumption about Java being a security issue is correct since even java script can be malicious. Especially Flash.

JavaScript has absolute nothing to do with Java, and is in no way as problematic as Java, they're not even comparable. And it having some problems are also completely unrelated to Java.
Flash is very similar to Java, but ultimately are two completely separa technologies and their problems should be analyzed separately.


And the assumtion about Java being a security issue is, as usual, mostly unfounded and based on FUD and flashy headlines. There are some truth in it, but far from the degree that MS wants us to think.

 

[file3456]

I know JS and Java are two separate things. My point was that plugins, or anything else allowed to run and interact with a browser can and will pose a malware/hacking vulnerability.

Flash, Java, JS, whatever. They can create a vector.

.net, SOAP, DCOM, and all that have their catch 22's as well.