DLLs and Shared Libraries
Dear JDisc friends,
did you know that you can inject a DLL into every process that runs on your Windows computer? If not, then you might check out this Wikipedia link!
The DLL will be injected into every process sending you a notice. You will simply not notice the DLL injection.
Therefore, we have added a new feature to collect the list of loaded shared libraries (DLLs for Windows, shared libraries for Linux). With this feature, you can directly see what DLLs are being loaded into your processes!
But there are also other use cases for this feature. As you might know, Oracle has changed their license terms for their Java Virtual Machine. Refer to Oracle’s licensing FAQ for an easy to understand guide…
What makes things even more complicated is that many applications embed a Java virtual machine in their application. Those applications can put your company at risk being license incompliant because many users are not aware that an application is actually using or embedding Java. When Oracle conducts an audit for your company, then there might be additional cost involved in Java licensing!
Therefore, it is essential to be fully aware of how Java is used in your company!
The new feature is the first step towards getting a better overview on Java usage in your enterprise.
The screenshot above provides an example of an embedded JVM. Tomcat is frequently used to deploy Java based WEB applications. When you install Tomcat on Windows, then it creates a Windows service running the binary „Tomcat9.exe“. This executable loads the JVM.DLL and embeds the Java Virtual Machine in the same process.
When looking at the report, you can easily see when a process uses the JVM.DLL. Furthermore, you can exactly see the JVM vendor and module name. In this case, we can see that it is a Oracle’s JVM running the Standard Edition 8 Update 231. So this installation might be at risk. It also clearly indicates whether a process is using openJDK’s JVM.DLL. The use of openJDK is not critical and therefore you would be safe!
We hope that this new feature helps to obtain a better overview over the shared libraries used in your environment!
You find the list of all executables including the DLLs and shared libraries in the report Software > Executable Files.
The current build obtains the shared library information for Windows and Linux. For the next builds, we will also include MAC OS X, Solaris, AIX, and HP-UX.
P.S.: We are also working on further enhancing the Java VM detection. We are implementing a way to detect the parameters that are being used by a Java VM! For instance, if you enable commercial features via the option „-XX:+UnlockCommercialFeatures“, then this installation must most probably be licensed.
Getting the JVM parameters will be part of one of the coming builds!
Hope this feature makes your life a bit easier…
Cheers,
Thomas