Oracle’s Latest Java Patch Contains Huge Security Flaw Update of 50 Fixes

rated by 0 users
This post has 6 Replies | 1 Follower

Top 10 Contributor
Posts 25,836
Points 1,169,890
Joined: Sep 2007
ForumsAdministrator
News Posted: Sat, Feb 2 2013 1:15 PM

If our not-too-subtle hint a couple of weeks ago about the perils of having Java installed wasn't enough to convince you to uninstall, you should waste no time in heading on over to the official site and grabbing the latest version (7u13). When it comes to Java, the Swiss-cheese of the software world, it's important to snag updates whenever they're rolled-out - but this one is in a league of its own. Oracle managed to pack 50 fixes with this single update - the largest bulk of fixes ever seen in the software's history.

For those interested in getting into the nitty gritty of what's been patched up, you can head on over to this very in-depth advisory page. Given the number of holes and exploits Java remains susceptible to, however, we'd recommend everyone to consider whether or not they actually need it installed. It's not uncommon to have it installed when you don't actually need it, so if you establish that you don't, treat it like bad coffee and get it out of there.

  • | Post Points: 50
Top 500 Contributor
Posts 266
Points 2,975
Joined: Sep 2009
Location: Port Orchard, WA

I recenty download both 32 and 64 bit Java. I hopeful it are more stable than before. Now we will wait and see how new heavy updated java hold up.

  • | Post Points: 5
Top 25 Contributor
Posts 3,543
Points 54,460
Joined: Jul 2004
Location: United States, Massachusetts
ForumsAdministrator
MembershipAdministrator
Dave_HH replied on Sat, Feb 2 2013 2:42 PM

Why is it that Java is continually buggy? Since the beginning of time, I have always had issues with it.

Editor In Chief
http://hothardware.com


  • | Post Points: 20
Top 10 Contributor
Posts 5,053
Points 60,700
Joined: May 2008
Location: U.S.
Moderator
3vi1 replied on Sat, Feb 2 2013 3:38 PM

Uninstalling Java is a bit like sticking your foot in the road and then cutting it off because someone might run over it.

All people really need to do is go into their browser and disable Java applets there. That's where all the exploits come in, and there's no good reason for Java applets to run in the browser nowadays; any site that requires it should be regarded with suspicion. Only 0.2% of web sites require client side java

This takes your foot out of the road.

Handling the problem like this leaves Java locally installed so you can still play Minecraft and use other Java applications.

How to disable Java applets in...
Chrome: http://www.podfeet.com/wordpress/tutorials/how-to-disable-java-in-chrome/
Firefox: http://support.mozilla.org/en-US/kb/How%20to%20turn%20off%20Java%20applets
IE: I assume you don't care about security, and wouldn't follow the instructions anyway.

What part of "Ph'nglui mglw'nafh Cthulhu R'lyeh wgah'nagl fhtagn" don't you understand?

++++++++++++[>++++>+++++++++>+++>+<<<<-]>+++.>++++++++++.-------------.+++.>---.>--.

  • | Post Points: 5
Top 10 Contributor
Posts 5,053
Points 60,700
Joined: May 2008
Location: U.S.
Moderator
3vi1 replied on Sat, Feb 2 2013 4:10 PM

Dave_HH:

Why is it that Java is continually buggy? Since the beginning of time, I have always had issues with it.

I haven't really noticed Java itself being buggy.. though there are some poorly written apps out there.  Others, like Minecraft, are pretty solid... so you know the problem isn't really the foundation of Java itself.  

And, as far as security patches go, I don't think their record is too horrible when you consider the never-ending stream of Windows and .Net patches that are pulled in by Windows Update.  The Java exploits just make for bigger news because a lot of people don't update it regularly or even know it's installed in some cases.

 

What part of "Ph'nglui mglw'nafh Cthulhu R'lyeh wgah'nagl fhtagn" don't you understand?

++++++++++++[>++++>+++++++++>+++>+<<<<-]>+++.>++++++++++.-------------.+++.>---.>--.

  • Filed under:
  • | Post Points: 20
Not Ranked
Posts 84
Points 720
Joined: Oct 2011

Java is actually pretty broken deep down. When Oracle bought it from Sun it was already apparent that Java had been neglected for far too long and that at the core it was turning into a mess to maintain. Security is not something one sprinkles over the code. It has to be there from the start.

  • | Post Points: 20
Top 10 Contributor
Posts 5,053
Points 60,700
Joined: May 2008
Location: U.S.
Moderator
3vi1 replied on Sat, Feb 2 2013 6:13 PM

>> When Oracle bought it from Sun it was already apparent that Java had been neglected for far too long

Which is why they switched their reference implementation to OpenJDK a year and a half ago. It's an entire re-write.

What part of "Ph'nglui mglw'nafh Cthulhu R'lyeh wgah'nagl fhtagn" don't you understand?

++++++++++++[>++++>+++++++++>+++>+<<<<-]>+++.>++++++++++.-------------.+++.>---.>--.

  • | Post Points: 5
Page 1 of 1 (7 items) | RSS