To assist visitors with potentially unfamiliar concepts and terms that occur throughout the Help pages, we offer the following list of explanations. Check back for periodic updates
 

Security terms

General

Am I connected to the Internet?

You connect to the Internet through a service provider by one of several common methods: dial-up, a landline such as cable or copper wires, T- lines, Wi-Fi, satellite and cell phones. If you can log onto web sites (like this one) or send and receive email, then you are connected.
 

Applet

An applet is a software component (program code) that is downloaded by your browser to provide functionality within a web page. Java applets provide interactive features in a web browser using a Java Virtual Machine (JVM).
 

Check/Select

One method by which users indicate their input in a dialog box or on a web page, either by clicking on a checkbox with the cursor to create a check mark, or by placing the cursor on a graphic radio button and clicking to ‘push’ the button.
 

Dialog Box

A special window within a graphical user interface that either informs the user of something, or requests input.
 

Enable/Disable

User-accessible software settings that either turn on or off certain features or capabilities. Useful for resolving Java configuration issues, when users may be asked to use a dialog box to enable or disable a particular setting or function.
 

Firewall

Internet firewalls could be either software or hardware, which protect your computer from outside internet attacks that might pose threats to your internet security as well as files on your computer. The firewall functionality allows you to set up rules to either permit or deny passage of internet traffic.
 

Java Archive (JAR)

The Java Archive (.jar) is a file format used to bundle multiple files into a single archive file. Typically a JAR file contains the class files and auxiliary resources associated with applets and applications.
 

Java Plug-in

Java plug-in technology is part of the Java Runtime Environment and establishes a connection between popular browsers and the Java platform. This connection enables applets on Web sites to be run within a browser on the desktop.
 

Java Runtime Environment (JRE) Cache

A storage area within the Java console, which must sometimes be cleared manually in order to allow the latest Java version to load and install.
 

Java Virtual Machine (JVM)

In Java, a set of software programs that enable the execution of instructions – usually written in Java bytecode. JVMs are available for all the most common hardware and software platforms.
 

javaw.exe

The process javaw.exe is a program owned by Oracle, Inc., which works along with Internet Explorer browser as a Java plug-in. This program is similar to the program java.exe. The only difference is that the process javaw.exe has no console window when running. If you don't want to see a command prompt window, the process javaw.exe could most likely be used. The javaw.exe is a launcher file that will show a dialog box during times when a failure in launching of a program occurs.
 

jucheck.exe

The process jucheck.exe is part of the Java installation on Windows and checks for newer versions of Java. The process does not install Java and notifies you that a more recent version is ready to download. » More information
 

IFTW

Install from the Web, or online installation.
 

Installation Procedures

Java users have a choice of three installation procedures – online, offline, or manual installation.

• Online installation takes place automatically while you remain connected to the Internet by clicking on the ‘Free Java Download’ button at the Free Java Download page.
• Offline installation requires you to download an executable file listed at: Manual Java Download , which includes all the files needed for the complete installation at the user’s discretion. There is no need to remain connected to the Internet during the installation. The file can also be copied to and installed on another computer that is not connected to the Internet.
• Manual installation downloads an IFTW (Install From The Web) executable program file and requires minimum user intervention. When you run this program, it fetches all the required files from the web, so you must remain connected to the Internet during the installation.

Manifest

The manifest is a special file that can contain information about the files packaged in a JAR file.

Operating System

A generic term for the software that manages the basic tasks of your computer’s resources and which programmers use to access those resources. The most common desktop operating systems include Linux, Mac OS X, Microsoft Windows and Solaris.

Parameter

In programming, some value passed to a function. The function either uses the parameter in its task, or performs an operation on the parameter.

Physical Memory

Most often in the java.com site, this term refers to a form of semiconductor storage in computers known as random access memory (RAM).

Process

A general term to describe a program that is running to execute a specific task – often in concurrence with other programs.

Proxy Server

An intermediary computer between the user's computer and the Internet. It can be used to log Internet usage and also to block access to a web site. The firewall at the proxy server blocks some web sites or web pages for various reasons. As a result, users may be unable to download Java or to run some Java applets without configuring certain proxy settings in the computer’s web browser.

Proxy Setting

Correctly configured proxy settings allow users to connect to the Internet when a proxy server is involved. As a rule, users would need to contact their network administrator to get the necessary information to configure the proxy settings.

Private JRE

When installing JDK it installs a private JRE and optionally a public copy. The Private JRE is required to run the tools included with the JDK. It has no registry settings and is contained entirely in a Java directory (typically at C:\Program Files\jdk1.7.0\jre) whose location is known only to the JDK.

Public JRE

Public JRE can be used by other Java applications, is contained outside the JDK (typically at C:\Program Files\Java\jre1.7.0). It is registered with the Windows registry (at HKEY_LOCAL_MACHINE\SOFTWARE\JavaSoft). It can be removed using Add/Remove Programs and is also registered with browsers.

Web Browser Cache

A cache is a temporary storage area where frequently accessed data can be retained for rapid loading. A web browser cache holds copies of pages that pass through it. To resolve certain Java installation or configuration issues, it is sometimes necessary to clean out the cache manually by accessing a dialog box.

Workaround

A workaround is typically a temporary fix that bypasses an identified system problem pending a more permanent solution.
 

Security

Exception Site List

The Exception Site List feature allows end users to run Java applets and Java Web Start applications that do not meet the latest security requirements. Rich Internet Appllications that are hosted on a site in the exception site list are allowed to run with the applicable security prompts.
 

Java Expiration Date

The JRE expires whenever a new release with security vulnerability fixes becomes available. For systems unable to reach the Oracle Servers, a secondary mechanism expires the JRE. After either condition is met (new release becoming available or expiration date reached), Java will provide additional warnings and reminders to users to update to the newer version. Users receiving expiration date messages are strongly encouraged to update Java to the latest release.
 

Security Baseline

The security baseline is the minimum recommended update for Java. Users are not recommended to run Java versions that are below the latest security baseline. Each major version of Java (such as Java 6, Java 7) may have its own security baseline update.
 

Patch

Refers to incremental changes to a software installation. May include fixes to address general performance and security issues.
 

Critical Patch Update (CPU)

Critical Patch Updates are sets of patches containing security fixes on a fixed, publicly available schedule to help customers lower their security management costs.
 

Security alert

Oracle will issue a Security Alert (i.e. release of a security fix outside of the normal CPU schedule) in cases where the urgency of a fix requires it to be released in advance of the next Critical Patch Update.
 

Common Vulnerabilities and Exposures (CVE)

CVE numbers are unique, common identifiers for publicly known information about security vulnerabilities. The CVE program is co-sponsored by the office of Cybersecurity and Communications at the U.S. Department of Homeland Security and is managed by MITRE corporation.
 

Certificate Authority (CA)

A Certificate Authority is a trusted third party, typically a commercial business, that issues digital certificates. The certificates are issued to organizations or individuals after verifying their identity. The digital certificate is added to computer applications to validate that the application came from the owner of the certificate. For more information, see http://wikipedia.org/wiki/Certificate_authority.
 

Trusted certificate

If the application has a trusted CA certificate, you will be shown a blue shield icon and should beware of yellow warning alerts (shield or triangle icons). Validate that an application is from a verifiable publisher by checking that it has been certified by a trusted CA.
 

Self-signed certificate

Self-signed certificates are not verified by a trusted Certificate Authority. Applications of this type present the highest level of risk because the publisher is not identified.
 

Sandbox app

Refers to level of access to system files, such as on your hard drive, and to your network. The sandbox ensures that an untrusted, and possibly malicious, application cannot gain access to system resources.
 

Signed and Unsigned apps

Code signing is a security technology whereby applications are digitally signed to confirm the software author or publisher. Signed apps refers to applications that have been signed by the application provider (self-signed) or a Certificate Authority. This does not ensure that the code itself can be trusted, only that it comes from the stated source. Unsigned apps refers to code that has not been signed, therefore the source of the application can not be verified.
 

Certificate Revocation Lists (CRLs) and Online Certificate Status Protocol (OCSP)

These are parts of a mechanism commonly used in the Internet to check that a certificate used by an application developer to sign their work is still valid.