Sep 14, 2014

Oracle EBS Browser Support Update 2014




Recently, Microsoft announced, its plan to block out-of-date ActiveX controls starting Sep 2014. ActiveX is a software component of Microsoft Windows. If you have Internet Explorer, then ActiveX is already installed on your computer. ActiveXcontrols are small programs, sometimes called add-ons that are used on the Internet. Oracle Forms in R12 E-Business Suite works on this ActiveX control (by using specific Java add-on).

 Internet Explorer 9 through Internet Explorer 11


Internet Explorer 8

It’s a known fact that, Oracle is slow in expanding the list of officially certified browsers (and browser versions) with E-Business Suite. That’s why oracle EBS users and developers (especially midsize enterprises) usually disable/degrade the browser updates and stick to older versions of IE. This exposes their computing environments to exploiters. Don’t believe that? Read this Microsoft SIR Volume 16 (page 14). It says, in 2013, there is an increasing trend towards reported vulnerabilities because of out-of-date Java Runtime Environment (JRE). In fact, these accounts to 84.6 to 98.5 percent of total exploit kit related detections. This number is alarming. 

Best way to protect the computing environments is to keep the JREs updated to latest available in Java official site. This won’t always be possible for EBS users and developers, because of two reasons. First, EBS is slow in certifying browser versions and JREs. Second, even if Oracle certifies, enterprises/businesses needs to complete the testing cycle, to make sure nothing breaks after upgrades, a significant time and resource intensive task. Sometimes, these upgrades are not necessarily work station upgrades and might needs upgrades on EBS servers too.

Well, there is a temporary solution to this dead lock. Just keep on installing the JRE updates, without major upgrades (i.e from JRE6 to JRE7 etc.). Oracle recently certified JRE version 6 update 81 with  Oracle E-Business Suite. This update is available as a part of Java JDK tool kit (Patch 19071743: Oracle JDK 6 Update 81 b32).

Permanent solution would be to wait, until Oracle gives up the conventional certification methodology and come up with bring-your-own-device (BYOD) approach. This becomes reality when industry adopts Oracle Fusion middleware.


Reference:

No comments:

Post a Comment