Qualys Blog

www.qualys.com
wkandek

Oracle releases early CPU for Java 7

Acknowledging active exploit code in the wild for Java v7, Oracle decided to anticipate the release of the Java Critical Patch Update (CPU) February 2013. Kudos to Oracle for deciding to release the CPU earlier rather than sticking to the original schedule of February 19th – definitely the right move having the security of its users' in mind.

oracle_feb_2013.png
Apple had earlier blacklisted Java 7 Update 11 with an update to its xprotect mechanism.
Java 7 is now on on version update 13 and incorporates patches for over 50 vulnerabilities, with 44 patches addressing client side vulnerabilities, which have been the focus of much of the security issues over the last month. If you run Java on the desktop, please deploy as fast as possible.
Java 6 is now on version update 39, but is not at it is end of life. Java 6 users should urgently prepare their update to Java 7, as Java 6 will not receive any further updates.
java_6_eol.png
 

Leave a Reply