UCF STIG Viewer Logo

Oracle JRE 8 must default to the most secure built-in setting.


Overview

Finding ID Version Rule ID IA Controls Severity
V-66945 JRE8-WN-000060 SV-81435r2_rule Low
Description
Applications that are signed with a valid certificate and include the permissions attribute in the manifest for the main JAR file are allowed to run with security prompts. All other applications are blocked. Unsigned applications could perform numerous types of attacks on a system.
STIG Date
Java Runtime Environment (JRE) version 8 STIG for Windows 2017-12-21

Details

Check Text ( C-67581r2_chk )
Navigate to the system-level "deployment.properties" file for JRE.

\Sun\Java\Deployment\deployment.properties
- or -
\Lib\deployment.properties

If the key "deployment.security.level=VERY_HIGH" is not present in the "deployment.properties file", or is set to "HIGH", this is a finding.

If the key "deployment.security.level.locked" is not present in the "deployment.properties" file, this is a finding.
Fix Text (F-73045r3_fix)
Navigate to the system-level "deployment.properties" file for JRE.

Add the key "deployment.security.level=VERY_HIGH" to the "deployment.properties" file.

Add the key "deployment.security.level.locked" to the "deployment.properties" file.