Java Usage Tracker is a part of Java functionality that helps to tracks how it is used in systems where it is installed. It also uses a Configuration file called usagetracker.properties which is default location on the operating system. Researchers found that the configuration files in customized properties code will force to create a.bat file then it will add the custom property. The default permission %ProgramData% allows Users of the system to create file. When Oracle/Javas path is created, the default permissions are inherited.”]
Source: https://gbhackers.com/java-usage-tracker-vulnerability/