Oracle Critical Patch Updates for Java SE 8u91 & 8u92

[Petrovic]

This Critical Patch Update Pre-Release Announcement provides advance information about the Oracle Critical Patch Update for July 2016, which will be released on Tuesday, July 19, 2016. While this Pre-Release Announcement is as accurate as possible at the time of publication, the information it contains may change before publication of the Critical Patch Update Advisory.

A Critical Patch Update is a collection of patches for multiple security vulnerabilities. This Critical Patch Update contains 276 new security vulnerability fixes across hundreds of Oracle products. Some of the vulnerabilities addressed in this Critical Patch Update affect multiple products. Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply Critical Patch Update fixes as soon as possible.

Oracle Java SE Executive Summary
This Critical Patch Update contains 13 new security fixes for Oracle Java SE. 9 of these vulnerabilities may be remotely exploitable without authentication, i.e., may be exploited over a network without the need for a username and password.

The highest CVSS Base Score of vulnerabilities affecting Oracle Java SE is 9.6

The Oracle Java SE components affected by vulnerabilities that are fixed in this Critical Patch Update are:
• Java SE
• Java SE Embedded
• JRockit
 
http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html

When available updates will be found at:
http://www.oracle.com/technetwork/java/javase/downloads/jre8-downloads-2133155.html