Java still indispensable in enterprise space despite security issues

Java is too embedded within most enterprise-level systems for companies to heed security vendors' warnings and simply turn it off, according to industry experts.

Calls for the platform to be retired came after a fresh zero-day vulnerability in Java was unearthed earlier in January.

The vulnerability was discovered after researchers spotted a ransomware Trojan known as Reveton targeting the flaw.

Since then attacks linked with the popular Blackhole and Cool exploit kits, which allow criminals to mount automated attacks, have been discovered targeting the exploit.

The calls to disable Java gained fresh weight after the US Computer Emergency Response Team (CERT) re-recommended internet users shut the software down mere days after Oracle released a security update designed to fix the flaw.

However, speaking to V3 numerous experts and industry figures said that while Java's security risks are serious, the coding language is too embedded in most enterprise businesses' networks to simply turn off.

"There are specific groups who still need the software as Java is still a very popular platform. A lot of software depends on Java, for example, web servers, content management systems, databases, development environments and various desktop applications, so a lot of companies need it," Kaspersky senior researcher, David Emm, told V3.

"Just like Javascript and Flash - we always can switch it off for better security, but it will result in many websites not working properly. We can switch off Java, but then we won't be able to run any application that use Java platforms."

The comments run in line with the Java user figures reported by Oracle.

Speaking to V3, Oracle claimed that 97 percent of enterprise desktops currently run Java and that the user base is still growing, with the company detecting a further one billion Java downloads each year.

If accurate, this means that there are currently at least three billion devices out there using Java technology, making it the largest programming language in the world, making it a unfeasible to solve the problem by simply turning it off.