An Important Update!

Java SecurityOracle’s official patch frequency for Java typically occurs once every four months. They usually take place around the middle of February, June and October. These regular updates are always released so you should mark them on your calendar. However, these patches aren’t the only fixes that you’ll need each year. Oracle frequently issues necessary security patches in between their regular updates.

The next update will occur on Tuesday, June 18th 2013. The details regarding fixes for this update haven’t been released to the public. But, Oracle has published a brief pre-announcement to remind everyone of the importance of this month’s update. The good news is that many security vulnerabilities will be repaired—A total of 40, all of which (aside from three) are RCE (Remote Code Execution) holes.

What is an RCE?

An RCE occurs when content is sent over the network to trick Java into performing operations that should be limited to trusted, previously installed code. Typically, an RCE occurs while browsing the Internet, and without you downloading, authorizing, or noticing the installment of malware that could infect your computer.  

Reducing the Risk of RCEs

There are two things you can do to reduce the risk of an RCE occurrence:

  1. In your browser options, turn off Java so that web-based Java applets can’t run.
  2. As soon as possible, apply Oracle’s patches. Turn on fully automatic updating, if you’d prefer to have the patches update automatically.

Oracle would like to switch Java onto a quarterly update cycle in the future, so it will be aligned with other Oracle products.  Be sure to watch for the update on Tuesday, June 18th 2013. Due to the importance of this update, you may prefer to auto-update before then!

I have a strong passion for helping Ottawa Businesses, Entrepreneurs and professionals to become more productive and successful while allowing them to feel at ease and secure when it comes to their Information Technology needs. As the President of Fuelled Networks since 1998, I specialize in providing no-nonsense flawless and prompt technical support to Ottawa businesses, with in-depth consulting on Fortinet, Microsoft, Microsoft Cloud Stack and security. I strive to help businesses to succeed and take great pride in building long-lasting positive relationships and taking on a strong leadership role within the Ottawa community.

Published On: 18th June 2013 by Ernie Sherman.