Oracle Java deserialization

Will Dropping Serialization from Java Remove the Vulnerabilities?

During “Ask The Architect” at the Devoxx UK 2018 conference, Oracle’s chief architect, Mark Reinhold, called Java’s serialization mechanism a “horrible mistake” and a virtually endless source of security vulnerabilities. More importantly, Reinhold announced Oracle’s decision to improve Java’s security […]

Will Dropping Serialization from Java Remove the Vulnerabilities? Read More »