There are eleven Java vulnerabilities listed in the advisory, all of which may be remotely exploitable without authentication (exploited over a network without requiring user credentials).
This is a good time to check whether your Windows computers have Java installed, and either update it, or remove it completely if it’s no longer required.
If you’re not sure whether you need Java, you might as well remove it. If you subsequently encounter an application or web site that doesn’t run properly without Java, it’s easy enough to simply reinstall Java from the main Java download page.
The simplest way to check whether Java is installed is to open up the Windows Control Panel and look for a Java (or Java 32-bit) entry. If you see one, open that and navigate to the About tab.
To update Java, you can use the Update tab of the Java Control Panel applet, or just head to the main Java download page.
At this point, most folks probably don’t need Java. Which is good, because it’s still a target for malicious hackers. If you don’t actually need Java, it’s a good idea to remove it completely from your computers.
You can check whether Java is installed by opening the Windows Control Panel and looking for a Java entry. On my Windows 8.1 computer, it looks like this: . If you can’t see a Java entry in the Control Panel, try changing View by to Small icons. If you still can’t see it, Java probably isn’t installed. To find the Control Panel on Windows 10, press the Windows key, then type ‘control’. You should see Control Panel in the search results.
You can also double-check by opening Programs and Features in the Control Panel. Search the Programs and Features list for ‘java’.
If you’re not sure whether you still need Java, uninstall it, then if something stops working, you can always reinstall it.
If you do need to keep Java around, to run old Java applications and games, access ancient Java-enabled web sites, or use work-related resources you have no control over, it’s best to keep it up to date.
The Java Control Panel will let you see the currently installed version, and provides a link to download and install the newest version.
These days the only mainstream web browser that still supports Java is Internet Explorer. If you use Internet Explorer with Java enabled, keeping Java up to date is critical.
But even if you don’t use IE with Java, if Java is installed on your computer, it’s a good idea to keep it up to date. If you’re not sure, look for a Java entry in the Windows Control Panel. Open it and click the About button on the General tab to check the installed version. If it’s not up to date, go to the Update tab and click the Update Now button.
If you still use Java, and particularly if Java is enabled in Internet Explorer, it’s important to keep it up to date. Security vulnerabilities in Java are still a somewhat popular target for malicious hackers and malware purveyors.
If you’re not sure whether Java is even installed on your computer, look for a Java entry in the Windows Control Panel. If you see one, Java is installed. The Java Control Panel has an Update tab that allows you to check for pending updates and install the latest version.
You can check whether Java is enabled in Internet Explorer by using that browser to visit Oracle’s Verify Java Version page.
Oracle issues quarterly updates for a wide range of software products, and that includes Java. The July 2019 update describes ten security vulnerabilities that are addressed in the latest version of Java, 8 update 221.
Oracle’s quarterly Critical Patch Update for Q2 2019 documents vulnerabilities and updates for its entire product line. As usual, it’s the updates to Java that are important to most users.
The Patch Update details five distinct security vulnerablities in Java 8 Update 202 and earlier versions. A new release, Java 8 Update 211, addresses these vulnerabilities. The new version includes numerous other changes, most of which are of little interest to anyone aside from developers.
Keeping Java up to date is less urgent than in the past, since most of the major web browsers stopped supporting it in recent years.
If you do use a web browser with Java enabled, which is still possible with Internet Explorer and older, unsupported versions of many other browsers, you should make sure to install the new version as soon as possible.
The simplest way to update Java is to head to the Windows Control Panel, look for the Java icon, and — if you see one — open it, then go to the Update tab and click the Update Now button. Follow the prompts to complete the process.
These advisories cover a lot of Oracle software, most of which is likely of very little interest for ordinary users. But buried in each of these reports you’ll usually find a reference to a new version of Java.
It’s increasingly unlikely that you have a shared Java installation on your Windows computer. You may run Java applications, such as Minecraft and some network and Internet tools, but these often include their own, separate installs of Java now.
The easiest way to see whether you have a shared install of Java on your Windows 7 or 8.x computer is to go to the Control Panel and look for a Java entry. If you see one, open it up and go to the Update tab, then click the Update Now button. If there’s an update available, you’ll be able to install it from there.
You can also visit the Verify Java Version page, but unless you’re using Internet Explorer, it won’t be able to tell you if you’re even running Java. If you’re on Windows 10, that’s also the easiest way to check your version.
If you use Java, I encourage you to update it as soon as it’s convenient. Java is not the target it once was, but it’s still a good idea to reduce your exposure to Java-based threats by keeping it up to date. The only web browser that officially still supports Java is Internet Explorer. If you use Internet Explorer with Java enabled, you should update Java immediately.
The easiest way to check your Java version and download the latest is to go to the Windows Control Panel, open the Java applet, click the Update tab, then click the Update Now button. If you’re already up to date, you’ll see a message to that effect.
A new version of Java (8 Update 181) addresses eight security vulnerabilities in earlier versions. The Release Highlights page for Java 8 provides additional details on changes in Update 181, most of which are likely only of interest to developers.
If you use Java, and in particular if you use a web browser that has Java enabled, you should install Java 8 Update 181 as soon as possible. Note that the only modern browser that still runs Java applications is Internet Explorer. The easiest way to update Java is to run the Java applet in the Windows Control Panel: on the Update tab, click the Update Now button.
The only major browser that still officially supports Java is Internet Explorer, although there are workarounds for some of the other browsers. For example, you can switch to Firefox ESR (Extended Support Release), but even that support is likely to disappear before long. Google Chrome, and other browsers that use the same engine, can only be made to show Java content by installing an extension that runs Internet Explorer in a tab.
Java’s impact on security is diminishing, but it’s still being used on older systems where upgrading to newer O/S versions is not possible. There are still a lot of Windows XP systems out there, and most of them are either running older versions of Internet Explorer or Firefox ESR.
If you’re still using Java, you should install the latest version, Java 8 Update 171 (8u171), as soon as possible. The easiest way to check which version you’re running and install any available updates is to visit Oracle’s ‘Verify Java’ page. You’ll need to do that with a Java-enabled browser. Another option is to visit the third-party Java Tester site. Again, this site won’t work unless Java is enabled.
You’re much less likely to be affected by Java vulnerabilities these days, as most web browsers no longer support Java. The only mainstream browser that still runs Java code is Internet Explorer. If you use Internet Explorer with Java enabled, you should update Java as soon as possible, via the Java Control Panel applet, or by visiting the official Java download page.
Rants and musings on topics of interest. Sometimes about Windows, Linux, security and cool software.