News, tips, advice, support for Windows, Office, PCs & more
Home icon Home icon Home icon Email icon RSS icon

We're community supported and proud of it!

  • Oracle Security Update: US-CERT (Java etc)

    Viewing 7 reply threads
    • Author
      Posts
      • #125967
        Kirsty
        Manager

        Oracle Releases Security Bulletin
        https://www.us-cert.gov/ncas/current-activity/2017/07/18/Oracle-Releases-Security-Bulletin

        Original release date: July 18, 2017

         
        Oracle has released its Critical Patch Update for July 2017 to address 308 vulnerabilities across multiple products. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system.

        Users and administrators are encouraged to review the Oracle July 2017 Critical Patch Update (link is external) and apply the necessary updates.

         
        Offline Java installers available here
        Java 8u141 Checksums

        1 user thanked author for this post.
      • #126065
        anonymous
        Guest

        Thank you.

      • #138843
        Kirsty
        Manager

        Oracle Releases Security Bulletin
        https://www.us-cert.gov/ncas/current-activity/2017/10/17/Oracle-Releases-Security-Bulletin

        Original release date: October 17, 2017

         
        Oracle has released its Critical Patch Update for October 2017 to address 252 vulnerabilities across multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

        Users and administrators are encouraged to review the Oracle October 2017 Critical Patch Update (link is external) and apply the necessary updates.

         
        Java Downloads for All Operating Systems
        Recommended Version 8 Update 151
        Release date October 17, 2017
         
        Checksum for Java SE 8u151 binaries

        1 user thanked author for this post.
        • #141418
          Kirsty
          Manager

          An update from Oracle, a critical issue with Oracle Identity Manager:

          Oracle Security Alert Advisory – CVE-2017-10151
          Modification History
          Date 2017-October-27
          Note Rev 1. Initial Release

          Description
          This Security Alert addresses CVE-2017-10151, a vulnerability affecting Oracle Identity Manager. This vulnerability has a CVSS v3 base score of 10.0, and can result in complete compromise of Oracle Identity Manager via an unauthenticated network attack. The Patch Availability Document referenced below provides a full workaround for this vulnerability, and will be updated when patches in addition to the workaround are available.

          Due to the severity of this vulnerability, Oracle strongly recommends that customers apply the updates provided by this Security Alert without delay.

      • #160048
        Kirsty
        Manager

        Oracle Releases January 2018 Security Bulletin
        https://www.us-cert.gov/ncas/current-activity/2018/01/16/Oracle-Releases-January-2018-Security-Bulletin

        Original release date: January 16, 2018

         
        Oracle has released its Critical Patch Update for January 2018 to address 237 vulnerabilities across multiple products. A remote attacker could exploit some of these vulnerabilities to obtain access to sensitive information.

        NCCIC/US-CERT encourages users and administrators to review the Oracle January 2018 Critical Patch Update (link is external) and apply the necessary updates.

         
        Offline Java installers available here
        Java 8u161 Checksums

        Oracle blog: January 2018 Critical Patch Update Released

        2 users thanked author for this post.
      • #162210
        Lori
        AskWoody Plus

        Java 32-bit came installed on my pc. I disabled it in my browser a while back due to security concerns. I didn’t uninstall it, as I didn’t know if it was needed for something. I haven’t noticed any problems since disabled. Is it ok to uninstall it? I’ve never used it on Windows 8.1 laptop.

        Windows 7 Home Premium 64-bit SP1

        • #162214
          PKCano
          Manager

          Uninstalling it will do no harm. If something doesn’t work and needs it, it is free on the Java website.

          1 user thanked author for this post.
        • #162215
          MrBrian
          AskWoody_MVP

          Java can be used by programs other than browsers. If you uninstall it, and a program doesn’t work properly anymore, you can install it again.

          1 user thanked author for this post.
      • #198976
        Kirsty
        Manager

        Just updating a machine’s Java to jre-8u171 (released in April 17th), and was given this notice on completion:

        Oracle Java SE 8 Release Updates

        Public updates for Oracle Java SE 8 will remain available for individual, personal use through at least the end of 2020.

        Public updates for Oracle Java SE 8 released after January 2019 will not be available for business, commercial or production use without a commercial license.

        If you are a CONSUMER using Java for individual, personal use, you will continue to have the same access to Oracle Java SE 8 updates as you do today through at least the end of 2020. In most instances, the Java-based applications you run are licensed separately by a company other than Oracle (for example, games you play on your PC are likely developed by a gaming company). These applications may run on the Java platform and be dependent on Oracle Java SE 8 updates beyond 2020. Accordingly, Oracle recommends you contact your application provider for details on how they plan to continue to provide application support to you.

        If you are a DEVELOPER, Oracle recommends…

         
        Read the full release here

      • #210739
        Kirsty
        Manager

        Oracle Releases July 2018 Security Bulletin
        https://www.us-cert.gov/ncas/current-activity/2018/07/17/Oracle-Releases-July-2018-Security-Bulletin

        Original release date: July 17, 2018

         
        Oracle has released its Critical Patch Update for July 2018 to address 334 vulnerabilities across multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

        NCCIC encourages users and administrators to review the Oracle July 2018 Critical Patch Update (link is external) and apply the necessary updates.

         
        Offline Java installers available here
        Java 8u181 Checksums

      • #311920
        PKCano
        Manager

        Oracle Releases January 2019 Security Bulletin
        https://www.us-cert.gov/ncas/current-activity/2019/01/15/Oracle-Releases-January-2019-Security-Bulletin

        Original release date January 15, 2019

        Oracle has released its Critical Patch Update for January 2019 to address 284 vulnerabilities across multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

        The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), encourages users and administrators to review the Oracle January 2019 Critical Patch Update and apply the necessary updates.

        Offline Java installers available here
        Java 8u201 Checksums

        2 users thanked author for this post.
    Viewing 7 reply threads

    Please follow the -Lounge Rules- no personal attacks, no swearing, no politics or religion.

    Reply To: Oracle Security Update: US-CERT (Java etc)

    You can use BBCodes to format your content.
    Your account can't use Advanced BBCodes, they will be stripped before saving.