• Oracle Security Update: US-CERT (Java etc)

    Author
    Topic
    #125967

    Oracle Releases Security Bulletin
    https://www.us-cert.gov/ncas/current-activity/2017/07/18/Oracle-Releases-Security-Bulletin

    Original release date: July 18, 2017

     
    Oracle has released its Critical Patch Update for July 2017 to address 308 vulnerabilities across multiple products. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system.

    Users and administrators are encouraged to review the Oracle July 2017 Critical Patch Update (link is external) and apply the necessary updates.

     
    Offline Java installers available here
    Java 8u141 Checksums

    1 user thanked author for this post.
    Viewing 6 reply threads
    Author
    Replies
    • #126065

      Thank you.

    • #138843

      Oracle Releases Security Bulletin
      https://www.us-cert.gov/ncas/current-activity/2017/10/17/Oracle-Releases-Security-Bulletin

      Original release date: October 17, 2017

       
      Oracle has released its Critical Patch Update for October 2017 to address 252 vulnerabilities across multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

      Users and administrators are encouraged to review the Oracle October 2017 Critical Patch Update (link is external) and apply the necessary updates.

       
      Java Downloads for All Operating Systems
      Recommended Version 8 Update 151
      Release date October 17, 2017
       
      Checksum for Java SE 8u151 binaries

      1 user thanked author for this post.
      • #141418

        An update from Oracle, a critical issue with Oracle Identity Manager:

        Oracle Security Alert Advisory – CVE-2017-10151
        Modification History
        Date 2017-October-27
        Note Rev 1. Initial Release

        Description
        This Security Alert addresses CVE-2017-10151, a vulnerability affecting Oracle Identity Manager. This vulnerability has a CVSS v3 base score of 10.0, and can result in complete compromise of Oracle Identity Manager via an unauthenticated network attack. The Patch Availability Document referenced below provides a full workaround for this vulnerability, and will be updated when patches in addition to the workaround are available.

        Due to the severity of this vulnerability, Oracle strongly recommends that customers apply the updates provided by this Security Alert without delay.

    • #160048

      Oracle Releases January 2018 Security Bulletin
      https://www.us-cert.gov/ncas/current-activity/2018/01/16/Oracle-Releases-January-2018-Security-Bulletin

      Original release date: January 16, 2018

       
      Oracle has released its Critical Patch Update for January 2018 to address 237 vulnerabilities across multiple products. A remote attacker could exploit some of these vulnerabilities to obtain access to sensitive information.

      NCCIC/US-CERT encourages users and administrators to review the Oracle January 2018 Critical Patch Update (link is external) and apply the necessary updates.

       
      Offline Java installers available here
      Java 8u161 Checksums

      Oracle blog: January 2018 Critical Patch Update Released

      2 users thanked author for this post.
    • #162210

      Java 32-bit came installed on my pc. I disabled it in my browser a while back due to security concerns. I didn’t uninstall it, as I didn’t know if it was needed for something. I haven’t noticed any problems since disabled. Is it ok to uninstall it? I’ve never used it on Windows 8.1 laptop.

      Windows 7 Home Premium 64-bit SP1

      • #162214

        Uninstalling it will do no harm. If something doesn’t work and needs it, it is free on the Java website.

        1 user thanked author for this post.
      • #162215

        Java can be used by programs other than browsers. If you uninstall it, and a program doesn’t work properly anymore, you can install it again.

        1 user thanked author for this post.
    • #198976

      Just updating a machine’s Java to jre-8u171 (released in April 17th), and was given this notice on completion:

      Oracle Java SE 8 Release Updates

      Public updates for Oracle Java SE 8 will remain available for individual, personal use through at least the end of 2020.

      Public updates for Oracle Java SE 8 released after January 2019 will not be available for business, commercial or production use without a commercial license.

      If you are a CONSUMER using Java for individual, personal use, you will continue to have the same access to Oracle Java SE 8 updates as you do today through at least the end of 2020. In most instances, the Java-based applications you run are licensed separately by a company other than Oracle (for example, games you play on your PC are likely developed by a gaming company). These applications may run on the Java platform and be dependent on Oracle Java SE 8 updates beyond 2020. Accordingly, Oracle recommends you contact your application provider for details on how they plan to continue to provide application support to you.

      If you are a DEVELOPER, Oracle recommends…

       
      Read the full release here

    • #210739

      Oracle Releases July 2018 Security Bulletin
      https://www.us-cert.gov/ncas/current-activity/2018/07/17/Oracle-Releases-July-2018-Security-Bulletin

      Original release date: July 17, 2018

       
      Oracle has released its Critical Patch Update for July 2018 to address 334 vulnerabilities across multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

      NCCIC encourages users and administrators to review the Oracle July 2018 Critical Patch Update (link is external) and apply the necessary updates.

       
      Offline Java installers available here
      Java 8u181 Checksums

    • #311920

      Oracle Releases January 2019 Security Bulletin
      https://www.us-cert.gov/ncas/current-activity/2019/01/15/Oracle-Releases-January-2019-Security-Bulletin

      Original release date January 15, 2019

      Oracle has released its Critical Patch Update for January 2019 to address 284 vulnerabilities across multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

      The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), encourages users and administrators to review the Oracle January 2019 Critical Patch Update and apply the necessary updates.

      Offline Java installers available here
      Java 8u201 Checksums

      2 users thanked author for this post.
    Viewing 6 reply threads
    Reply To: Oracle Security Update: US-CERT (Java etc)

    You can use BBCodes to format your content.
    Your account can't use all available BBCodes, they will be stripped before saving.

    Your information: