Oracle Java Runtime Environment (JRE) Version 8 for Windows STIG Version Comparison
Oracle Java Runtime Environment (JRE) Version 8 for Windows Security Technical Implementation Guide
Comparison
There are 2 differences between versions v1 r4 (July 28, 2017) (the "left" version) and v2 r1 (Jan. 22, 2021) (the "right" version).
Check JRE8-WN-000070 was changed between these two versions. Green, underlined text was added, red, struck-out text was removed.
Text Differences
Title
Oracle JRE 8 must be set to allow Java Web Start (JWS) applications.
Check Content
v1 r4 (left):
Navigate to the system-level "deployment.properties" file for JRE.
<Windows Directory>\Sun\Java\Deployment\deployment.properties
- or -
<JRE Installation Directory>\Lib\deployment.properties
If the key "deployment.webjava.enabled=true" is not present in the "deployment.properties" file, or is set to "false", this is a finding.
If the key "deployment.webjava.enabled.locked" is not present in the "deployment.properties" file, this is a finding.

v2 r1 (right):
Navigate to the system-level “deployment.properties” file for JRE.
The location of the deployment.properties file is defined in <JRE Installation Directory>\Lib\deployment.config
If the key “deployment.webjava.enabled=true” is not present in the deployment.properties file, or is set to “false”, this is a finding.
If the key “deployment.webjava.enabled.locked” is not present in the deployment.properties file, this is a finding.
Note: If JWS is not enabled, this requirement is NA.
Discussion
Java Web Start (JWS) applications are the most commonly used. Denying these applications could be detrimental to the user experience. Whitelisting, blacklisting, and signing of applications help mitigate the risk of running JWS applications.
Fix
v1 r4 (left):
Navigate to the system-level "deployment.properties" file for JRE.
Add the key "deployment.webjava.enabled=true" to the "deployment.properties" file.
Add the key "deployment.webjava.enabled.locked" to the "deployment.properties" file.

v2 r1 (right):
Navigate to the system-level “deployment.properties” file for JRE.
The location of the deployment.properties file is defined in <JRE Installation Directory>\Lib\deployment.config
Add the key “deployment.webjava.enabled=true” to the deployment.properties file.
Add the key “deployment.webjava.enabled.locked” to the deployment.properties file.
Note: If JWS is not enabled, this requirement is NA.
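The v2 r1 check above can be scripted. The following is an added example, not part of the STIG: it assumes the deployment.config key "deployment.system.config" from Oracle's deployment documentation (the page does not name it), and the function names and sample file contents are constructed for illustration.

```python
import re

def parse_properties(text):
    """Parse Java .properties text into a dict (line continuations not handled)."""
    props = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#!":      # blank line or comment
            continue
        # The key ends at the first '=', ':' or whitespace; a bare key maps to "".
        parts = re.split(r"\s*[=:]\s*|\s+", line, maxsplit=1)
        value = parts[1] if len(parts) > 1 else ""
        props[parts[0]] = value.replace("\\:", ":").strip()
    return props

def system_config_url(deployment_config_text):
    """Location of the system-level deployment.properties, or None if undefined."""
    # Assumption: the location is given by the deployment.system.config key.
    return parse_properties(deployment_config_text).get("deployment.system.config") or None

def check_jre8_wn_000070(properties_text):
    """Return the findings for JRE8-WN-000070; an empty list means no finding."""
    props = parse_properties(properties_text)
    findings = []
    enabled = props.get("deployment.webjava.enabled")
    if enabled is None:
        findings.append("deployment.webjava.enabled is not present")
    elif enabled.lower() != "true":          # any value other than true is reported
        findings.append(f"deployment.webjava.enabled is set to {enabled!r}")
    if "deployment.webjava.enabled.locked" not in props:
        findings.append("deployment.webjava.enabled.locked is not present")
    return findings

# Constructed sample file contents, not taken from a real system.
SAMPLE_CONFIG = (
    "deployment.system.config=file:///C:/Windows/Sun/Java/Deployment/deployment.properties\n"
    "deployment.system.config.mandatory=true\n"
)
SAMPLE_GOOD = "# managed by GPO\ndeployment.webjava.enabled=true\ndeployment.webjava.enabled.locked\n"
SAMPLE_BAD = "deployment.webjava.enabled=false\n#deployment.webjava.enabled.locked\n"

if __name__ == "__main__":
    print("properties location:", system_config_url(SAMPLE_CONFIG))
    for name, text in (("good", SAMPLE_GOOD), ("bad", SAMPLE_BAD)):
        print(name, check_jre8_wn_000070(text) or "not a finding")
```

The NA note ("If JWS is not enabled") is a reviewer judgement and is not encoded in the script.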