anuseems Posted June 19, 2013 Share Posted June 19, 2013 Oracle has published its June Critical Patch Update for Java SE and, as expected, the update fixes 40 security holes, none of which require authentication and 37 of which are exploitable over the network. The company recommends users install the update as soon as possible.Oracle's risk scoring gives 11 of the vulnerabilities a maximum score of 10.0 on the CVSS scale. The flaws affect all versions of Java including Java 7 Update 21 and earlier, Java 6 Update 45 and earlier and Java 5 update 45 and earlier, though some only affect one or another particular major version of Java. JavaFX 2.2.21 and earlier versions of JavaFX are also affected.Only the current version of Java, Java SE 7, will be updated for free; downloads of the new version, Java SE 7 Update 25, are available and existing installs should auto-update. Mac OS X users will get an updated Java SE 6 for their systems as an automatic update; Java SE 7 on Mac OS X is updated by Oracle. Users of other older versions of Java will only get updates if they have a maintenance contract with Oracle.As with previous updates, only four holes affect server installations of Java while nearly all affect Java client deployments. For example, eight of the top-scoring vulnerabilities are in the 2D graphics subsystem. A number also affect AWT and the Java Management Extensions (JMX). One bug only affects the production of documentation of Javadoc HTML pages when placed on a web server which allowed an attacker to insert frames; the company recommends that users of Javadoc regenerate their documentation. Of the few local holes discovered, one was in the installer, one in the networking subsystem and one in the 2D graphics subsystem.This is the last Java update that will occur on the out of sync timetable that has been in play since the start of the year. The next update is scheduled to take place as part of Oracle's normal Critical Patch Update schedule in October this year (followed by January 2014, April 2014 and July 2014).@ http://www.oracle.com/technetwork/topics/security/javacpujun2013-1899847.html Link to comment Share on other sites More sharing options...
locoJoe Posted June 19, 2013 Share Posted June 19, 2013 I wont have Java on my system. If a program requires it then I use a different program. If a website requires it then I find a different website. Link to comment Share on other sites More sharing options...
PrEzi Posted June 20, 2013 Share Posted June 20, 2013 I wont have Java on my system. If a program requires it then I use a different program. If a website requires it then I find a different website.Easier said than done, especially in Corporate environments. Link to comment Share on other sites More sharing options...
locoJoe Posted June 20, 2013 Share Posted June 20, 2013 I wont have Java on my system. If a program requires it then I use a different program. If a website requires it then I find a different website.Easier said than done, especially in Corporate environments.No problem for me. Its been 2yrs since any form of java on my computers. In that entire time I have not had even 1 program complain about it. Ive only ran into 1 website that complains so far...this one : http://www.time.gov/ and guess what. Its a government run site, whats that tell you...lol. No sir I wont have it on my systems. Link to comment Share on other sites More sharing options...
Administrator DKT27 Posted June 20, 2013 Administrator Share Posted June 20, 2013 Systemrequirementslab.com requires Java, so does speedtest.net. Link to comment Share on other sites More sharing options...
locoJoe Posted June 20, 2013 Share Posted June 20, 2013 Systemrequirementslab.com requires Java, so does speedtest.net.good for them...lol :wub: Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.