Corporate Blog

Strategy With Technology

  • Yahoo uses Outdated version of Java for its Website Builder
altToday every business has their own website and it is their first marketing tool. Even small and medium businesses along with many start-ups have their dedicated websites. Most of the business owner go for free website building services due to its affordability, though Google offer free website builder in India that goes with a name Indiangetonline.in, one of the most popular website builder with small businesses is Yahoo website builder. Though yahoo website builder is quiet popular with among startups and small medium businesses but recent finding for its security vulnerability has flabbergasted even the best of security expert. Yahoo uses insecure 2008 version of Java in its website building tool.
 
For small businesses those who have purchased web-hosting form yahoo can also build a basic website by using their simple point and click tool. This tool requires Java and because yahoo uses outdated Java 6 Update it compromises on the security of user’s data. A senior security adviser for Sophos, Chester Wisniewski says that using a four year old version of Java is highly irresponsible on the part of Yahoo. The version of Java currently yahoo is using contains plenty of vulnerability this leaves the website susceptible to hacker attack. The using of older technologies is not at all advised as it may compromise on the website security. Director of security operations at nCircle, Andrew Storms says that it is a duty of yahoo to inform its users of the security threat they possesses due to the use on vulnerable java version and also tell them when they will come out with the patches to fix the issues.
 
Wisniewski agrees that yahoo should immediately update the outdated Java version with the latest security patches by Oracle. Most of the cyber criminal target Java based technology due to slow updating of security patched by Oracle and also due to user’s timely inability to keep the Java plug-in in Web browsers up-to-date. Users should wait till yahoo is done with updating Java to the latest version and fixing all the security related issues.