NEWS - February 04, 2013
by Carol~ - 2/4/13 9:06 AM
Another Java update! Oracle brings Patch Tuesday forward to close in-the-wild hole...
I'll keep this one short, but I feel I ought to tell you.
"Yet another Java update! Get it while it's hot"
In calmer times, this update would have appeared on 19 February 2013.
Oracle's Critical Patch Updates for Java normally come out on the Tuesday closest to the 17th day in every fourth month. (Yes, I find that a little Byzantine, too.)
But Oracle brought its February 2013 Java patch forward, noting the "active exploitation 'in the wild' of one of the vulnerabilities affecting the Java Runtime Environment (JRE) in desktop browsers":
Oracle isn't saying which of the RCE (remote code execution) holes is the one that's actively being exploited, but bringing the patch forward is probably a good idea anyway.
According to the latest Oracle Risk Matrix there are 50 fixes, 49 of which might be remotely exploitable. That means merely visiting a web page might be enough to infect your computer.
The quick way to grab the latest version is to head over to Java.com and click the big red Free Java Download button.
Another Critical Java Update, You Know What To Do
Critical Java Update Fixes 50 Security Holes
Oracle releases emergency patches for Java
Oracle Pushes Massive Patch Release Ahead of Schedule