It’s discouraging when an application update is compromised before we’ve even had the chance to apply it.
Oracle has released Java 7 Version 13, hot on the heels of Version 11, to fix a zero-day exploit — and numerous other security flaws.
Oracle rushes out an oversized Java patch
In mid-January, Oracle released Java 7 Version 11, which I discussed in the Jan. 17 Patch Watch (paid section). Reportedly, less than a day after Version 11′s release, hacker sites were offering a new exploit for the update. Oracle had scheduled the next Java update for Feb. 19 but surprised us all by releasing Version 13 on Feb. 1. As noted in the Oracle Software Security Assurance Blog, the company accelerated the release because there are active, in-the-wild attacks.
Java 7 Version 13 (no word on what happened to Version 12) is no small fix. The Oracle blog post states that the update is critical and patches 50 security vulnerabilities, 44 of which are for browser versions of Java.
As Woody noted in his Jan. 24 Top Story, “Security alert: Remove Java from your browsers” — and I repeated in the companion story, “Java: More than the usual cup of coding coffee” — the best policy is to uninstall or disable Java if you don’t truly need it.
Those stories prompted a few reader emails asking about problems with the Java Control Panel, updated in Version 11. As I discussed in the Jan. 17 Patch Watch, the control-panel update can fail if you have older versions of Java still installed. Go into Windows’ application-removal tool and look for all Java entries. (You likely won’t find them by looking in the Java Control Panel.) Uninstall any that were installed prior to Version 11.
Subscribe to our Windows Secrets Newsletter - It's Free!
Get our unique weekly Newsletter with tips and techniques, how to's and critical updates on Windows 7, Windows 8, Windows XP, Firefox, Internet Explorer, Google, etc. Join our 480,000 subscribers!
Subscribe and get our monthly bonuses - free!
Want to hack the new Start screen and tiles for your Win8 Device, the new Lock screen, the new tile-based apps, or the automatic notification information? Yes, you can do that. How about running other operating systems inside Windows 8, running Windows 8 on a Mac, or hacking SkyDrive and social media? We'll show you how to do that as well. Get this excerpt and other 5 bonuses if you subscribe now!