UCF STIG Viewer Logo

Java Runtime Environment (JRE) version 7 STIG for Windows 7


Overview

Date Finding Count (11)
2015-12-10 CAT I (High): 1 CAT II (Med): 10 CAT III (Low): 0
STIG Description
The Java Runtime Environment (JRE) is a bundle developed and offered by Oracle Corporation which includes the Java Virtual Machine (JVM), class libraries, and other components necessary to run Java applications and applets. Certain default settings within the JRE pose a security risk so it is necessary to deploy system wide properties to ensure a higher degree of security when utilizing the JRE.

Available Profiles



Findings (MAC III - Administrative Sensitive)

Finding ID Severity Title
V-61039 High Java Runtime Environment (JRE) versions that are no longer supported by the vendor for security updates must not be installed on a system.
V-32842 Medium The configuration file must contain proper keys and values to deploy settings correctly.
V-32829 Medium The dialog enabling users to grant permissions to execute signed content from an un-trusted authority must be locked.
V-32828 Medium The dialog enabling users to grant permissions to execute signed content from an un-trusted authority must be disabled.
V-32902 Medium A properties file must be present to hold all the keys that establish properties within the Java control panel.
V-32833 Medium The option to enable online certificate validation must be locked.
V-32830 Medium The dialog to enable users to check publisher certificates for revocation must be enabled.
V-32831 Medium The option to enable users to check publisher certificates for revocation must be locked.
V-32832 Medium The option to enable online certificate validation must be enabled.
V-39239 Medium The version of the JRE running on the system must be the most current available.
V-32901 Medium A configuration file must be present to deploy properties for JRE.