Over the last few years, we have seen a number of exploits and vulnerabilities in Java. Oracle released Java 6 update 39 earlier this month fixing several security bugs. This was probably the last security update for Java 6, as Oracle had said earlier that there would be no security updates for Java 6 after February. However, you will be surprised to know that there are some top-notch organizations that still ask you to install age-old versions of Java.
Sitebuilder is one such tool from Yahoo! Sitebuilder can be used to whip up really simple websites within a few minutes. It is not the kind of tool developers would boast of, and I do not know anyone who uses it. However, the tool very much exists, and is distributed by Yahoo!. Most of us would not care about using it, but there are people who would want to skip the technical knowhow and just the website out.
Here comes the interesting part- Yahoo Sitebuilder comes with Java 6 update 7, which came out back in the summer of 2008. That version of java is severely flawed and outdated. The Sitebuilder tool cannot be blamed either, as it talks about support for Windows Vista at best, which makes it look like no one at Yahoo! cares about Sitebuilder either! However, what is of importance is that Sitebuilder is being distributed by Yahoo! and given the number of hacks and malware Java is attracting lately, Yahoo! should take care of this and thus prevent the spreading of Java vulnerabilities.