Category Archives: Java

Java 8 Update 291

Oracle’s quarterly bulletin for Q1 of 2021 as usual includes some Java security alerts, and a new version of Java was released to fix the associated vulnerabilities.

Java 8 Update 291 addresses two security vulnerabilities in earlier versions.

As usual, the easiest way to update Java is through its own built-in update mechanism. Head to the Windows Control Panel, open the Java applet, go to the Update tab, and click Update Now.

Java 8 Update 281

Oracle’s Critical Patch Update Advisory for January 2021 includes an entry for Java. There’s a single security vulnerability in Java 8 Update 271 and, presumably, in earlier versions as well.

The risk of using an unpatched version of Java depends on how you use it. If it’s only used to run specific, business-related software, the risk is low. By far the biggest risk is Java code that arrives on your computer by way of compromised web sites, or in email.

Java’s newer, built-in security features make it less of a risk than in years past, but risk remains. As a rule, it’s best to keep Java up to date.

If Java is installed on your Windows computer, you’ll see an entry for it in the list of installed software in the Control Panel or Settings. You should also see an applet in the Control Panel for Java, which you can use to both check which version is installed, and update it if necessary.

To get to the Control Panel in Windows 10, click the Start button, then start typing “control panel”. You should see it in the search results as you type. Click the search result to get there.

Java Version 8 Update 271

Oracle’s quarterly Critical Patch Update Advisory for October 2020, published on October 20, includes a list of eight vulnerabilities affecting Java 8u261, 7u271, and older versions.

Security risks arising from the use of older versions of Java are not as scary as they once were, since most current web browsers no longer support Java. The notable exception is Internet Explorer 11, which still supports the Java NPAPI plugin. Still, it’s best to keep Java up to date if it’s installed.

The easiest way to both check whether you have Java installed and see which version you’re running is to go to the Windows Control Panel. On Windows 7 and earlier, the Control Panel is accessible via the Start menu. On Windows 8.1 and 10, Microsoft annoyingly hid the Control Panel, but you can find it by clicking the start button and entering the text “control”. In the list of search results, you should see “Control Panel”. Click that to get to the Control Panel.

If Java is installed, you’ll see its Control Panel entry: Java (32-bit). Once you’ve clicked that, you’ll see the multi-tab Java applet. To see which version is installed, go to the Java tab and click View... The Product column shows the version. If it shows as “1.8.0_271“, that means you’re running Java 8 Update 271. Click Cancel to close that dialog.

To update Java, go to the Update tab and click the Update Now button. Follow the prompts to download and install the latest applicable version.

Alternatively, you can visit the main Java download page and install Java from there.

Java 8 Update 261

Oracle recently released its Critical Patch Update Advisory for July 2020. The advisory includes a list of vulnerabilities in Java 8 Update 251 and earlier versions. The fix is to install the latest version, Java 8 Update 261.

There are eleven Java vulnerabilities listed in the advisory, all of which may be remotely exploitable without authentication (exploited over a network without requiring user credentials).

This is a good time to check whether your Windows computers have Java installed, and either update it, or remove it completely if it’s no longer required.

If you’re not sure whether you need Java, you might as well remove it. If you subsequently encounter an application or web site that doesn’t run properly without Java, it’s easy enough to simply reinstall Java from the main Java download page.

The simplest way to check whether Java is installed is to open up the Windows Control Panel and look for a Java (or Java 32-bit) entry. If you see one, open that and navigate to the About tab.

To update Java, you can use the Update tab of the Java Control Panel applet, or just head to the main Java download page.

Java 8 Update 251

At this point, most folks probably don’t need Java. Which is good, because it’s still a target for malicious hackers. If you don’t actually need Java, it’s a good idea to remove it completely from your computers.

You can check whether Java is installed by opening the Windows Control Panel and looking for a Java entry. On my Windows 8.1 computer, it looks like this: . If you can’t see a Java entry in the Control Panel, try changing View by to Small icons. If you still can’t see it, Java probably isn’t installed. To find the Control Panel on Windows 10, press the Windows key, then type ‘control’. You should see Control Panel in the search results.

You can also double-check by opening Programs and Features in the Control Panel. Search the Programs and Features list for ‘java’.

If you’re not sure whether you still need Java, uninstall it, then if something stops working, you can always reinstall it.

If you do need to keep Java around, to run old Java applications and games, access ancient Java-enabled web sites, or use work-related resources you have no control over, it’s best to keep it up to date.

The Java Control Panel will let you see the currently installed version, and provides a link to download and install the newest version.

Java 8 Update 251 includes fixes for fifteen security vulnerabilities in earlier versions.

Java 8 Update 241 (8u241)

Oracle’s Critical Patch Update Advisory for January 2020 documents twelve security vulnerabilities in Java 8 Update 231 and earlier versions.

Java 8 Update 241 was released to address those vulnerabilities. The release notes page for Java 8 lists notable changes in Java 8 Update 241.

These days the only mainstream web browser that still supports Java is Internet Explorer. If you use Internet Explorer with Java enabled, keeping Java up to date is critical.

But even if you don’t use IE with Java, if Java is installed on your computer, it’s a good idea to keep it up to date. If you’re not sure, look for a Java entry in the Windows Control Panel. Open it and click the About button on the General tab to check the installed version. If it’s not up to date, go to the Update tab and click the Update Now button.

Java 8u221 – ten security fixes

If you still use Java, and particularly if Java is enabled in Internet Explorer, it’s important to keep it up to date. Security vulnerabilities in Java are still a somewhat popular target for malicious hackers and malware purveyors.

If you’re not sure whether Java is even installed on your computer, look for a Java entry in the Windows Control Panel. If you see one, Java is installed. The Java Control Panel has an Update tab that allows you to check for pending updates and install the latest version.

You can check whether Java is enabled in Internet Explorer by using that browser to visit Oracle’s Verify Java Version page.

This is what you should see on the Verify Java Version page if you are using IE and Java is up to date.

Oracle issues quarterly updates for a wide range of software products, and that includes Java. The July 2019 update describes ten security vulnerabilities that are addressed in the latest version of Java, 8 update 221.

Java 8 Update 211

Oracle’s quarterly Critical Patch Update for Q2 2019 documents vulnerabilities and updates for its entire product line. As usual, it’s the updates to Java that are important to most users.

The Patch Update details five distinct security vulnerablities in Java 8 Update 202 and earlier versions. A new release, Java 8 Update 211, addresses these vulnerabilities. The new version includes numerous other changes, most of which are of little interest to anyone aside from developers.

Keeping Java up to date is less urgent than in the past, since most of the major web browsers stopped supporting it in recent years.

If you do use a web browser with Java enabled, which is still possible with Internet Explorer and older, unsupported versions of many other browsers, you should make sure to install the new version as soon as possible.

The simplest way to update Java is to head to the Windows Control Panel, look for the Java icon, and — if you see one — open it, then go to the Update tab and click the Update Now button. Follow the prompts to complete the process.

Java 8 Update 201 fixes five security bugs

Oracle just released their first quarterly Critical Patch Update Advisory for 2019.

These advisories cover a lot of Oracle software, most of which is likely of very little interest for ordinary users. But buried in each of these reports you’ll usually find a reference to a new version of Java.

It’s increasingly unlikely that you have a shared Java installation on your Windows computer. You may run Java applications, such as Minecraft and some network and Internet tools, but these often include their own, separate installs of Java now.

The easiest way to see whether you have a shared install of Java on your Windows 7 or 8.x computer is to go to the Control Panel and look for a Java entry. If you see one, open it up and go to the Update tab, then click the Update Now button. If there’s an update available, you’ll be able to install it from there.

You can also visit the Verify Java Version page, but unless you’re using Internet Explorer, it won’t be able to tell you if you’re even running Java. If you’re on Windows 10, that’s also the easiest way to check your version.

Java 8 Update 201 addresses five security vulnerabilities in earlier versions. The details are listed in the quarterly advisory.

Java Version 8 Update 191

Earlier this week, Oracle released its quarterly Critical Patch Update Advisory for October 2018. As usual, there’s a new version of the Java runtime Engine (JRE): Version 8, Update 191 (Java 8u191).

The new version of Java fixes at least twelve security issues affecting earlier versions.

If you use Java, I encourage you to update it as soon as it’s convenient. Java is not the target it once was, but it’s still a good idea to reduce your exposure to Java-based threats by keeping it up to date. The only web browser that officially still supports Java is Internet Explorer. If you use Internet Explorer with Java enabled, you should update Java immediately.

The easiest way to check your Java version and download the latest is to go to the Windows Control Panel, open the Java applet, click the Update tab, then click the Update Now button. If you’re already up to date, you’ll see a message to that effect.