1. Signed Java Applets No Longer Allow Sandbox Escape
Oracle recommends websites switch to signed Java applets, a practice that establishes the identity of the signer and was used to boost privileges. It also reduced the effectiveness of the sandbox. In a move seen as one of the most significant security improvements, code signing an applet no longer confers sandbox escape privileges. Metasploit creator and Rapid7 CSO HD Moore said the practice of signing applets has been targeted by attackers and consistently abused by security auditors for years.