Major security flaws in Java applications, European researchers warn

Alexandre Bartel, Professor of Software Engineering and Security at Umeå University, in collaboration with several European researchers, has extensively analyzed weaknesses in software written in one of the world's most widely used programming languages. "This involves flaws in the processes that retrieve and recreate information—such as customer accounts, transactions, or patient records. These vulnerabilities can create huge costs for businesses, governments and public authorities." Java is behind applications used in mobile games, robots, embedded systems or business applications. Over the years, several security flaws have been reported and now European researchers have investigated whether and how these have been addressed. They have looked at Java products that use deserialisation, the process of restoring packaged information to its previous state, such as user settings, game functions, shopping carts or banking applications, and carried out an in-depth analysis of existing vulnerabilities and attacks.