TA13-107A: Oracle has released multiple updates for Java SE

Discussion in 'Security Alerts' started by News, Apr 17, 2013.

  1. News

    News Extraordinary Robot
    News Feed

    Joined:
    Jun 27, 2006
    Messages:
    26,208
    Likes Received:
    20
    Original release date: April 17, 2013
    [h=3]Systems Affected[/h]
    • JDK and JRE 7 Update 17 and earlier
    • JDK and JRE 6 Update 43 and earlier
    • JDK and JRE 5.0 Update 41 and earlier
    • JavaFX 2.2.7 and earlier
    [h=3]Overview[/h] Oracle has released a Critical Patch Update (CPU) for Java SE.  Oracle strongly recommends that customers apply CPU fixes as soon as possible.
    [h=3]Description[/h] Oracle Java SE Critical Patch Update Advisory - April 2013 describes the update as:


    A Critical Patch Update is a collection of patches for multiple security vulnerabilities. The Critical Patch Update for Java SE also includes non-security fixes. Critical Patch Updates are cumulative and each advisory describes only the security fixes added since the previous Critical Patch Update and Security Alert. Thus, prior Critical Patch Update and Security Alert advisories should be reviewed for information regarding earlier accumulated security fixes.
    [h=3]Impact[/h] A remote, unauthenticated attacker could execute arbitrary code, cause a denial of service, or gain unauthorized access to your files or system.
    [h=3]Solution[/h] Apply Updates
    Oracle Java SE Critical Patch Update Advisory - April 2013 includes the following information:
    Developers can download the latest release from http://www.oracle.com/technetwork/java/javase/downloads/index.html.
    Users running Java SE with a browser can download the latest release from http://java.com. Users on the Windows and Mac OS X platforms can also use automatic updates to get the latest release.
    The latest JavaFX release is included with the latest update of JDK and JRE 7. For JDK and JRE 6 users, the latest Java FX release is available from http://www.oracle.com/technetwork/java/javafx/
    [h=3]References[/h]
    [h=3]Revision History[/h]
    • April 17, 2013: Initial release
    [HR][/HR] This product is provided subject to this Notification and this Privacy & Use policy.



    Syndicated from the United States Security Readiness Team (US-CERT). More...
     

Share This Page

Loading...