Oracle Tightens Security on Java Affecting VPN and Other CU-Boulder Resources

Last Updated: 02/25/2014

Oracle's latest release of Java, Java 7 Update 51, is affecting access to some of CU-Boulder's services. The new release improves security by requiring Java applet coders to have their code signed. However, some of the vendor solutions we use are not yet compliant with this new level of security.

Notably, with this new Java version installed, our Network Connect VPN service doesn't load when attempting to launch it from a browser. OIT has documented this issue, including a workaround for those that have previously installed the Network Connect application, and a fix that involves adding cuvpn.colorado.edu to your Java Exception Site list. This documentation can be found in the Known Issues area of our VPN service pages.

While the Network Connect issue is the most impactful simply due to the large number of VPN users, you may discover other CU-Boulder resources that demonstrate incompatibility with the new version of Java. A solution for this is to add any encountered sites to your Java Exception Site list by following these instructions.

If you have any questions or require assistance, don't hesitate to the contact the IT Service Center at help@colorado.edu or call 303-735-4357 (5-HELP from a campus phone).