Site icon The Mac Security Blog

Oracle Patches Java Security Vulnerabilities

Yesterday, Oracle issued a critical patch update for multiple security vulnerabilities in Java with the release of Java SE 7u51. Oracle’s Java update fixes 36 vulnerabilities, 34 of which are remotely exploitable without authentication.

Oracle notes:

These vulnerabilities may be remotely exploitable without authentication, i.e., may be exploited over a network without the need for a username and password.

Supported versions that are affected: Java SE 5.0u55, Java SE 6u65, Java SE 7u45, Java SE 7u45 on OS X, Java SE 7u45 on Firefox, JRockit R27.7.7, JRockit R28.2.9, Java SE Embedded 7u45, and JavaFX 2.2.45.

As typical of Oracle’s Java updates, which occur quarterly instead of monthly, a colossal 36 bugs were fixed in this update. So it’s important that you update to Java SE 7u51 immediately to mitigate potential threats.

Following is a complete list of all 36 vulnerabilities resolved in the Oracle Java SE update:

Users can go to Oracle’s website to download Java SE 7u51 as advised. Windows and Mac OS X users can also use automatic updates to get the latest release. Users running Java SE with a browser can download the latest release from Java.com.

Share this: