Oracle released the scheduled critical security updates for its Java SE Runtime Environment software and, once again, released two versions. Java SE 8u111 includes important security fixes and Java SE 8u112 is a patch-set update, including all of 8u111 plus the additional features described in the release notes.
The update contains (seven) 7 new critical security fixes for Oracle Java SE. All of these vulnerabilities may be remotely exploitable without authentication, i.e., may be exploited over a network without requiring user credentials.
Important FTC Notice
In addition to the critical security updates, an important notice has been provided by Oracle (available here) regarding an FTC lawsuit against Oracle due to the old practice of not removing vulnerable versions of Java when updates were released. As explained in Java, The Never-Ending Saga, it wasn't until JRE SE 6u11, that the update mechanism for Java was finally changed to remove the previous install. However, it did not remove installations prior to update 10. As a result, computers with earlier versions of Java SE were/are still vulnerable to the security risks corrected in later versions.
In the event you still need Java installed on your computer, step-by-step instructions are available for uninstalling Java covering operating systems from Windows ME through Windows 10. See Instructions for Uninstalling Java.
Download Information Download link: Java SE 8u111
Java SE 8u112 can be found here. Select the appropriate version for your operating system.
Verify your version: http://www.java.com/en/download/testjava.jsp
The usual warnings to UNcheck any pre-checked toolbar and/or software options presented with the update apply.
Java SE 8u111 Update Release Notes
Java SE 8u1102 Update Release Notes
The update contains (seven) 7 new critical security fixes for Oracle Java SE. All of these vulnerabilities may be remotely exploitable without authentication, i.e., may be exploited over a network without requiring user credentials.
Important FTC Notice
In addition to the critical security updates, an important notice has been provided by Oracle (available here) regarding an FTC lawsuit against Oracle due to the old practice of not removing vulnerable versions of Java when updates were released. As explained in Java, The Never-Ending Saga, it wasn't until JRE SE 6u11, that the update mechanism for Java was finally changed to remove the previous install. However, it did not remove installations prior to update 10. As a result, computers with earlier versions of Java SE were/are still vulnerable to the security risks corrected in later versions.
In the event you still need Java installed on your computer, step-by-step instructions are available for uninstalling Java covering operating systems from Windows ME through Windows 10. See Instructions for Uninstalling Java.
Download Information Download link: Java SE 8u111
Java SE 8u112 can be found here. Select the appropriate version for your operating system.
Verify your version: http://www.java.com/en/download/testjava.jsp
The usual warnings to UNcheck any pre-checked toolbar and/or software options presented with the update apply.
Java SE 8u111 Update Release Notes
Java SE 8u1102 Update Release Notes