JRE8-WN-000060 - Oracle JRE 8 must default to the most secure built-in setting - deployment.security.level.locked

Gavin M. Dennis

22 April 2022 17:04

Details

Applications that are signed with a valid certificate and include the permissions attribute in the manifest for the main JAR file are allowed to run with security prompts. All other applications are blocked. Unsigned applications could perform numerous types of attacks on a system.

Solution

Navigate to the system-level 'deployment.properties' file for JRE.

Add the key 'deployment.security.level=VERY_HIGH' to the 'deployment.properties' file.

Add the key 'deployment.security.level.locked' to the 'deployment.properties' file.

Supportive Information

The following resource is also helpful.

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_Oracle_JRE_Windows_V2R1_STIG.zip

This security hardening control applies to the following category of controls within NIST 800-53: Configuration Management.This control applies to the following type of system Windows.

References

800-53|CM-6b.
CAT|III
CCI|CCI-000366
Rule-ID|SV-234686r617446_rule
STIG-ID|JRE8-WN-000060
STIG-Legacy|SV-81435
STIG-Legacy|V-66945
Vuln-ID|V-234686

Source

Tenable.com/audits

PS. Before you go.

Request a quote to protect your organisation from cyber attacks and breaches.

Was this article helpful?

0 out of 0 found this helpful

Comments

0 comments

Please sign in to leave a comment.

Articles in this section