Java plug-in malware alert to be issued by Oracle

Millions of Java users are to be warned that they could be exposed to malware as a result of a flaw that existed in the software's update tool. The plug-in is installed on many PCs to let them to run small programs written in the Java programming language.

Its distributor Oracle has agreed to issue an alert on both social media and its own site following an investigation by the US's Federal Trade Commission. By doing so it has avoided the risk of being fined.However, the firm has not formally admitted to any wrongdoing. 

According to the FTC's complaint, Oracle was aware of security issues in the Java SE (standard edition) plug-in when it bought the technology's creator Sun in 2010. "The security issues allowed hackers to craft malware that could allow access to consumers' usernames and passwords for financial accounts, and allow hackers to acquire other sensitive information," the FTC said.