Oracle today has released a critical patch update for JAVA SE that includes both patches for security vulnerabilities and non-security fixes. The company asks all Java users to update their versions of Java SE as soon as possible to protect the underlying systems from attacks exploiting those vulnerabilities.
The patch advisory for February 2012 lists the following Java SE products and versions as vulnerable to the security vulnerabilities addresses by the critical patch update:
The Oracle Java SE Risk Matrix lists 14 unique vulnerabilities of which five have received the highest possible base score of 10. This score assumes that users running Java on the system have administrative privileges. If that is not the case, the base score would lower the base score considerably.
All 14 vulnerabilities can be remotely exploited without authentication, for instance over a network with the need for a username or password.
Users who are not sure which Java version - if any - they are running on their system should open the Java test page that checks the version for them.
The latest Java SE versions can be downloaded from this page over at the Java website. If you have Java 7 installed, you need to click on the JRE download link next to Java SE 7u3, and if you have Java SE 6 installed, you need to click on the JRE download link there to download the update to your computer.
Updates are provided for all supported operating systems, including Windows 32-bit and 64-bit versions, Macintosh and Linux.
Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.
We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats (video ads) or subscription fees.
If you like our content, and would like to help, please consider making a contribution:
Ghacks is a technology news blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular tech news sites on the Internet with five authors and regular contributions from freelance writers.