Jump to content
Corrine

Critical Oracle Java Security Update

Recommended Posts

Corrine

Oracle released the schedules critical security updates for its Java SE Runtime Environment software.

 

Download Information

Download link: Java Version 7 Update 21

Verify your version: http://www.java.com/en/download/testjava.jsp

 

Note: UNcheck any pre-checked toolbar and/or software options presented with the update. They are not part of the software update and are completely optional.

 

For information about the change to certificates in this update, see my blog post at Critical Oracle Java Security Update Released and the accompanying references.

  • Like 3

Share this post


Link to post
Share on other sites
V.T. Eric Layton

Ah... so nice not to have to worry about Java updates anymore. :yes:

  • Like 2

Share this post


Link to post
Share on other sites
LilBambi

from 17 to 21...

Share this post


Link to post
Share on other sites
Corrine

Must have been internal builds.

  • Like 2

Share this post


Link to post
Share on other sites
LilBambi

Yep... I just watch that to see how far they jump. ;)

Share this post


Link to post
Share on other sites
LilBambi

More info here:

 

Oracle preps 128 security patches; Java gets 42 - CNET

 

 

Fixes are coming today for "hundreds" of Oracle products, following a series of high-profile corporate hacks pegged to a zero-day vulnerability in Java.
Edited by LilBambi

Share this post


Link to post
Share on other sites
therock247uk

nice

Share this post


Link to post
Share on other sites
LilBambi

Critical Java SE update due Tuesday fixes 40 flaws - The Reg

 

And yes, most are remotely exploitable

 

Update coming June 18, 2013!

 

Watch for it and install it if you have Java installed on your system.

 

As always: If you are sure you don’t need Java for anything, it would be best to uninstall it or disable it until the update, or at least disable Java in your browsers.

Edited by LilBambi
  • Like 1

Share this post


Link to post
Share on other sites
LilBambi

Excellent. Got my update.

Share this post


Link to post
Share on other sites
Corrine

Oracle released the Java SE 7u40 today. In addition to bug fixes and enhancements, the update includes the following:

  • advanced monitoring and diagnostic capabilities that enable developers to gather detailed runtime information and perform efficient data analysis without impacting system performance;
  • a new security policy that gives system administrators greater control over Java running on desktops;
  • improved performance and efficiencies for Java on ARM servers and support for Mac OS X retina displays.

 

If Java is still installed on your computer, it is recommended that this update be installed.

 

Download link: Java SE 7 Update 40

  • Like 3

Share this post


Link to post
Share on other sites
Corrine

If you still have Java installed, it is time to update!

 

Oracle released the scheduled critical security updates for its Java SE Runtime Environment software.

 

This is a Critical Patch Update that contains 36 fixes for Java, 34 of which Oracle indicated can be exploited by an attacker without the need for authentication. Additional details about the update are available in my blog post here.

 

Download Link: Java Version 7 Update 51

 

Warning: UNcheck any pre-checked toolbar and/or software options presented with the update. They are not part of the software update and are completely optional.

  • Like 2

Share this post


Link to post
Share on other sites
LilBambi

Got mine! Thanks!

Share this post


Link to post
Share on other sites
LilBambi

One thing that REALLY annoys me about Oracle and the Java.com download site is that although you have links to other versions of Java, they don't allow you to download the 64-bit version for another computer. REALLY ANNOYING!

 

Adobe has a link that allows you to download Windows versions from the Mac or Linux where you can click on the link that says Need Flash Player for a different computer? and it will allow you to download versions for a different computer than the one you are downloading from.

Share this post


Link to post
Share on other sites
V.T. Eric Layton

No Java on Windows or Linux for me these days. Ahhh... it's so nice. :yes:

Share this post


Link to post
Share on other sites
ebrke

I'm assuming Java would show under "Control Panel | Programs and Features" in Win 7? I don't think it was installed on new laptop I'm maintaining for mother. Hope not, one less thing to have to update.

  • Like 1

Share this post


Link to post
Share on other sites
LilBambi

Yep, if you don't need it, don't install it! :yes:

 

BTW: It used to be needed for my Citrix GoToAssist but they have coded it out of it now! Yea!

  • Like 1

Share this post


Link to post
Share on other sites
zlim

Java would have to be installed; it is not installed in Win 7. None of our Win 7 computers have it. One less thing I need to run around to patch and disable so I don't install it unless I absolutely need it.

  • Like 1

Share this post


Link to post
Share on other sites
LilBambi

Yep, Win7 was smart not to have it installed by default.

Share this post


Link to post
Share on other sites
Corrine

If you still have Java installed, it is time to update!

 

Oracle released the scheduled critical security updates for its Java SE Runtime Environment software. Oracle reported that Java SE does not include OpenSSL and, therefore is not affected by HeartBleed and CVE-2014-0160. For Oracle products that are affected, see OpenSSL Heartbleed Vulnerability CVE-2014-0160.

 

This is a Critical Patch Update that contains 37 fixes for Java, 35 of which Oracle indicated can be exploited by an attacker without the need for authentication. Additional details about the update are available in my blog post here.

 

Download Link: Java Version 7 Update 55

 

Warning: UNcheck any pre-checked toolbar and/or software options presented with the update. They are not part of the software update and are completely optional.

  • Like 2

Share this post


Link to post
Share on other sites
LilBambi

So glad they finally got around to patching ... Just when we no longer need it here. ;) Been uninstalling it everywhere.

  • Like 2

Share this post


Link to post
Share on other sites
Corrine
:clap: Another one who is now free from Java headaches!
  • Like 2

Share this post


Link to post
Share on other sites
V.T. Eric Layton

Yeah, I got rid of all Java on my systems a few months back. I was surprised how needless it was to have it. I haven't missed it not once since removing it.

  • Like 3

Share this post


Link to post
Share on other sites
LilBambi

Well, we couldn't until the Citrix product I use changed how it works. Thankfully they have changed and so we can too. So now, I and my clients no longer need Java for that product in Windows.

 

I have to keep testing each system though since some printers were still using Java for scanner apps, etc. But so far, all good on all I have removed it on.

 

Sad because there will be less and less users that can play with NASA's JPL Java apps for location mapping for asteroids, and other cool apps. Sigh...

 

If Oracle would have changed their security updates to monthly with out of band patches for emergencies as Microsoft and Adobe have done, things would be different.

  • Like 1

Share this post


Link to post
Share on other sites
V.T. Eric Layton

It's sad, actually, that Java is such a security risk and PITA because it really is a pretty cool programming language.

Share this post


Link to post
Share on other sites
LilBambi

Yes, it is! If Oracle would get with the program that is.

Share this post


Link to post
Share on other sites
LilBambi

The off topic discussion about CEO salaries and Larry Ellison in particular has been moved here to keep this topic about updates to Java.

Share this post


Link to post
Share on other sites
Corrine

Oracle released critical security updates for Java that contains 20 fixes for Java, the most severe having a rating of 10.0. There has been a lot of recent controversy regarding Java updates for Windows XP. While Windows XP has reached end of life, Java 7 will continue to be updated until April, 2015.

 

Thus, organizations and individuals who continue using Windows XP and have Java installed can also continue getting updates for Java 7. It is noted, however, that if an issue arises that is specific to Windows XP, Oracle is not required to and also may not be able to create a patch. For additional information, refer to the Oracle blog post, The future of Java on Windows XP (Henrik on Java).

 

Although most people do not need Java, if Java is still installed on your computer, it is recommended that this update be applied as soon as possible due to the threat posed by a successful attack.

 

Download link: Java SE 7u65

 

Note: UNcheck any pre-checked toolbar and/or software options presented with the update. They are not part of the software update and are completely optional.

 

Verify your version: http://www.java.com/en/download/testjava.jsp

 

If you must keep Java installed, see my blog post at Oracle Java Critical Security Update for Java Security Recommendations.

  • Like 2

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×
×
  • Create New...