Oracle’s Latest Java Patch Contains Huge Security Flaw Update of 50 Fixes

If our not-too-subtle hint a couple of weeks ago about the perils of having Java installed wasn't enough to convince you to uninstall it, you should waste no time in heading over to the official site and grabbing the latest version (7u13). When it comes to Java, the Swiss cheese of the software world, it's important to snag updates whenever they're rolled out - but this one is in a league of its own. Oracle managed to pack 50 fixes into this single update - the largest batch of fixes ever seen in the software's history.

For those interested in getting into the nitty-gritty of what's been patched, you can head over to this very in-depth advisory page. Given the number of holes and exploits Java remains susceptible to, however, we'd recommend that everyone consider whether or not they actually need it installed. It's not uncommon to have it installed when you don't actually need it, so if you establish that you don't, treat it like bad coffee and get it out of there.

Via:  Oracle
Comments
Mike Coyne one year ago

I recently downloaded both 32- and 64-bit Java. I'm hopeful it is more stable than before. Now we will wait and see how the new, heavily updated Java holds up.

Dave_HH one year ago

Why is it that Java is continually buggy? Since the beginning of time, I have always had issues with it.

3vi1 one year ago

[quote user="Dave_HH"]

Why is it that Java is continually buggy? Since the beginning of time, I have always had issues with it.

[/quote]

I haven't really noticed Java itself being buggy.. though there are some poorly written apps out there.  Others, like Minecraft, are pretty solid... so you know the problem isn't really the foundation of Java itself.  

And, as far as security patches go, I don't think their record is too horrible when you consider the never-ending stream of Windows and .Net patches that are pulled in by Windows Update.  The Java exploits just make for bigger news because a lot of people don't update it regularly or even know it's installed in some cases.

 

JvanHummel one year ago

Java is actually pretty broken deep down. When Oracle bought it from Sun it was already apparent that Java had been neglected for far too long and that at the core it was turning into a mess to maintain. Security is not something one sprinkles over the code. It has to be there from the start.

3vi1 one year ago

>> When Oracle bought it from Sun it was already apparent that Java had been neglected for far too long

Which is why they switched their reference implementation to OpenJDK a year and a half ago. It's an entire re-write.

3vi1 one year ago

Uninstalling Java is a bit like sticking your foot in the road and then cutting it off because someone might run over it.

All people really need to do is go into their browser and disable Java applets there. That's where all the exploits come in, and there's no good reason for Java applets to run in the browser nowadays; any site that requires it should be regarded with suspicion. Only 0.2% of web sites require client-side Java.

This takes your foot out of the road.

Handling the problem like this leaves Java locally installed so you can still play Minecraft and use other Java applications.

How to disable Java applets in...
Chrome: http://www.podfeet.com/wordpress/tutorials/how-to-disable-java-in-chrome/
Firefox: http://support.mozilla.org/en-US/kb/How%20to%20turn%20off%20Java%20applets
IE: I assume you don't care about security, and wouldn't follow the instructions anyway.
