Corrine Administrator, Microsoft MVP, Security Analyst Staff member Joined Feb 22, 2012 Posts 12,299 Location Upstate, NY Apr 16, 2014 #1 If you still have Java installed, it is time to update! Oracle released the scheduled critical security updates for its Java SE Runtime Environment software. Oracle reported that Java SE does not include OpenSSL and, therefore is not affected by HeartBleed and CVE-2014-0160. For Oracle products that are affected, see OpenSSL Heartbleed Vulnerability CVE-2014-0160. This is a Critical Patch Update that contains 37 fixes for Java, 35 of which Oracle indicated can be exploited by an attacker without the need for authentication. Additional details about the update are available in my blog post here. Download Link: Java Version 7 Update 55 Warning: UNcheck any pre-checked toolbar and/or software options presented with the update. They are not part of the software update and are completely optional.
If you still have Java installed, it is time to update! Oracle released the scheduled critical security updates for its Java SE Runtime Environment software. Oracle reported that Java SE does not include OpenSSL and, therefore is not affected by HeartBleed and CVE-2014-0160. For Oracle products that are affected, see OpenSSL Heartbleed Vulnerability CVE-2014-0160. This is a Critical Patch Update that contains 37 fixes for Java, 35 of which Oracle indicated can be exploited by an attacker without the need for authentication. Additional details about the update are available in my blog post here. Download Link: Java Version 7 Update 55 Warning: UNcheck any pre-checked toolbar and/or software options presented with the update. They are not part of the software update and are completely optional.
Will Senior Administrator Staff member Joined Mar 4, 2012 Posts 8,075 Location %tmp% Apr 16, 2014 #2 Updated. Supposedly Java is meant to notify me about updates, but it doesn't seem to do so very regularly - I was still running Java 7 Update 51.
Updated. Supposedly Java is meant to notify me about updates, but it doesn't seem to do so very regularly - I was still running Java 7 Update 51.
Corrine Administrator, Microsoft MVP, Security Analyst Staff member Joined Feb 22, 2012 Posts 12,299 Location Upstate, NY Apr 16, 2014 #3 Java 8 was released last month, compatible with Windows Vista, Windows 7 and Windows 8. However it is not compatible with Windows XP. (See Oracle Java SE 8 Released) Anyone who updated to Java 8 needs to get the security updates as well. If you elect to update to JRE SE 8, be sure to check that version 7 has been removed. If not, uninstall it.
Java 8 was released last month, compatible with Windows Vista, Windows 7 and Windows 8. However it is not compatible with Windows XP. (See Oracle Java SE 8 Released) Anyone who updated to Java 8 needs to get the security updates as well. If you elect to update to JRE SE 8, be sure to check that version 7 has been removed. If not, uninstall it.