Java, Patches and updates, Security

Massive Java security update

Leave a comment

Oracle/Sun has released update 13 for Java 7 (Java 7u13).

The update was originally scheduled for release on February 19, but given all the recent security issues, Oracle decided to get the latest patch out there as soon as possible.

The update includes fifty bug and security fixes. The issues addressed are listed on the associated Critical Patch Update Advisory. Oddly, the update version (7u13) is never mentioned once on that lengthy page.

Recommendations:

  • If you use Java, update it ASAP.
  • Don’t depend on the Java auto-updater to update Java: do it manually.
  • Don’t assume Java is now safe. Until security researchers like Adam Gowdiak give Java 7u13 a thumbs-up, assume it’s still vulnerable.
  • Disable Java plugins in your web browser unless you have no choice.
  • Continue to be extremely careful when browsing the web.

About jrivett

Jeff Rivett has worked with and written about computers since the early 1980s. His first computer was an Apple II+, built by his father and heavily customized. Jeff's writing appeared in Computist Magazine in the 1980s, and he created and sold a game utility (Ultimaker 2, reviewed in the December 1983 Washington Apple Pi Journal) to international markets during the same period. Proceeds from writing, software sales, and contract programming gigs paid his way through university, earning him a Bachelor of Science (Computer Science) degree at UWO. Jeff went on to work as a programmer, sysadmin, and manager in various industries. There's more on the About page, and on the Jeff Rivett Consulting site.

View all posts by jrivett | Website

Leave a Reply

Your email address will not be published. Required fields are marked *