{"id":21880,"date":"2014-01-15T12:59:32","date_gmt":"2014-01-15T20:59:32","guid":{"rendered":"http:\/\/www.intego.com\/mac-security-blog\/?p=21880"},"modified":"2016-10-06T12:39:00","modified_gmt":"2016-10-06T19:39:00","slug":"oracle-patches-java-security-vulnerabilities","status":"publish","type":"post","link":"https:\/\/www.intego.com\/mac-security-blog\/oracle-patches-java-security-vulnerabilities\/","title":{"rendered":"Oracle Patches Java Security Vulnerabilities"},"content":{"rendered":"<p><a href=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2013\/01\/java-security-header.jpg\"><img loading=\"lazy\" class=\"aligncenter size-full wp-image-9725\" src=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2013\/01\/java-security-header.jpg\" alt=\"java-security-header\" width=\"660\" height=\"370\" srcset=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2013\/01\/java-security-header.jpg 660w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2013\/01\/java-security-header-150x84.jpg 150w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2013\/01\/java-security-header-300x168.jpg 300w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2013\/01\/java-security-header-657x368.jpg 657w\" sizes=\"(max-width: 660px) 100vw, 660px\" \/><\/a><\/p>\n<p>Yesterday, Oracle issued a <a href=\"http:\/\/www.oracle.com\/technetwork\/topics\/security\/cpujan2014-1972949.html\" target=\"_blank\">critical patch update<\/a> for multiple security vulnerabilities in Java with the release of Java SE 7u51. Oracle&#8217;s Java update fixes 36 vulnerabilities, 34 of which are remotely exploitable without authentication.<\/p>\n<p>Oracle notes:<\/p>\n<blockquote><p>These vulnerabilities may be remotely exploitable without authentication, i.e., may be exploited over a network without the need for a username and password.<\/p><\/blockquote>\n<p>Supported versions that are affected: Java SE 5.0u55, Java SE 6u65, Java SE 7u45, Java SE 7u45 on OS X, Java SE 7u45 on Firefox, JRockit R27.7.7, JRockit R28.2.9, Java SE Embedded 7u45, and JavaFX 2.2.45.<\/p>\n<p>As typical of Oracle&#8217;s Java updates, which occur quarterly instead of monthly, a colossal 36 bugs were fixed in this update. So it&#8217;s important that you update to Java SE 7u51\u00a0immediately to mitigate potential threats.<\/p>\n<p>Following is a complete list of all 36 vulnerabilities resolved in the Oracle Java SE update:<\/p>\n<ul>\n<li><a href=\"http:\/\/www.cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2013-5870\" target=\"_blank\">CVE-2013-5870<\/a> : Vulnerability in the Java SE, JavaFX component of Oracle Java SE (subcomponent: JavaFX). Difficult to exploit vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized update, insert or delete access to some Java SE, JavaFX accessible data as well as read access to a subset of Java SE, JavaFX accessible data and ability to cause a partial denial of service (partial DOS) of Java SE, JavaFX.<\/li>\n<li><a href=\"http:\/\/www.cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2013-5878\" target=\"_blank\">CVE-2013-5878<\/a> : Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security). Easily exploitable vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized update, insert or delete access to some Java SE, Java SE Embedded accessible data as well as read access to a subset of Java SE, Java SE Embedded accessible data and ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded.<\/li>\n<li><a href=\"http:\/\/www.cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2013-5884\" target=\"_blank\">CVE-2013-5884<\/a> : Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: CORBA). Easily exploitable vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded accessible data.<\/li>\n<li><a href=\"http:\/\/www.cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2013-5887\" target=\"_blank\">CVE-2013-5887<\/a> : Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Easily exploitable vulnerability allows successful unauthenticated network attacks via HTTP. Successful attack of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE.<\/li>\n<li><a href=\"http:\/\/www.cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2013-5888\" target=\"_blank\">CVE-2013-5888<\/a> : Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Easily exploitable vulnerability requiring logon to Operating System. Successful attack of this vulnerability can result in unauthorized update, insert or delete access to some Java SE accessible data as well as read access to a subset of Java SE accessible data and ability to cause a partial denial of service (partial DOS) of Java SE.<\/li>\n<li><a href=\"http:\/\/www.cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2013-5889\" target=\"_blank\">CVE-2013-5889<\/a> : Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Difficult to exploit vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized Operating System takeover including arbitrary code execution.<\/li>\n<li><a href=\"http:\/\/www.cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2013-5893\" target=\"_blank\">CVE-2013-5893<\/a> : Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Difficult to exploit vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized Operating System takeover including arbitrary code execution.<\/li>\n<li><a href=\"http:\/\/www.cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2013-5895\" target=\"_blank\">CVE-2013-5895<\/a> : Vulnerability in the Java SE, JavaFX component of Oracle Java SE (subcomponent: JavaFX). Easily exploitable vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized read access to a subset of Java SE, JavaFX accessible data.<\/li>\n<li><a href=\"http:\/\/www.cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2013-5896\" target=\"_blank\">CVE-2013-5896<\/a> : Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: CORBA). Easily exploitable vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded.<\/li>\n<li><a href=\"http:\/\/www.cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2013-5898\" target=\"_blank\">CVE-2013-5898<\/a> : Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Very difficult to exploit vulnerability allows successful unauthenticated network attacks via HTTP. Successful attack of this vulnerability can result in unauthorized update, insert or delete access to some Java SE accessible data as well as read access to a subset of Java SE accessible data.<\/li>\n<li><a href=\"http:\/\/www.cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2013-5899\" target=\"_blank\">CVE-2013-5899<\/a> : Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Easily exploitable vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized read access to a subset of Java SE accessible data.<\/li>\n<li><a href=\"http:\/\/www.cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2013-5902\" target=\"_blank\">CVE-2013-5902<\/a> : Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Very difficult to exploit vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized update, insert or delete access to some Java SE accessible data as well as read access to a subset of Java SE accessible data and ability to cause a partial denial of service (partial DOS) of Java SE.<\/li>\n<li><a href=\"http:\/\/www.cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2013-5904\" target=\"_blank\">CVE-2013-5904<\/a> : Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Difficult to exploit vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized update, insert or delete access to some Java SE accessible data as well as read access to a subset of Java SE accessible data and ability to cause a partial denial of service (partial DOS) of Java SE.<\/li>\n<li><a href=\"http:\/\/www.cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2013-5905\" target=\"_blank\">CVE-2013-5905<\/a> : Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Install). Very difficult to exploit vulnerability allows successful unauthenticated network attacks via HTTP. Successful attack of this vulnerability can result in unauthorized update, insert or delete access to some Java SE accessible data as well as read access to a subset of Java SE accessible data and ability to cause a partial denial of service (partial DOS) of Java SE.<\/li>\n<li><a href=\"http:\/\/www.cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2013-5906\" target=\"_blank\">CVE-2013-5906<\/a> : Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Install). Very difficult to exploit vulnerability allows successful unauthenticated network attacks via HTTP. Successful attack of this vulnerability can result in unauthorized update, insert or delete access to some Java SE accessible data as well as read access to a subset of Java SE accessible data and ability to cause a partial denial of service (partial DOS) of Java SE.<\/li>\n<li><a href=\"http:\/\/www.cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2013-5907\" target=\"_blank\">CVE-2013-5907<\/a> : Vulnerability in the Java SE, JRockit, Java SE Embedded component of Oracle Java SE (subcomponent: 2D). Easily exploitable vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized Operating System takeover including arbitrary code execution.<\/li>\n<li><a href=\"http:\/\/www.cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2013-5910\" target=\"_blank\">CVE-2013-5910<\/a> : Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security). Easily exploitable vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized update, insert or delete access to some Java SE, Java SE Embedded accessible data.<\/li>\n<li><a href=\"http:\/\/www.cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2014-0368\" target=\"_blank\">CVE-2014-0368<\/a> : Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking). Easily exploitable vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded accessible data.<\/li>\n<li><a href=\"http:\/\/www.cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2014-0373\" target=\"_blank\">CVE-2014-0373<\/a> : Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Serviceability). Easily exploitable vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized update, insert or delete access to some Java SE accessible data as well as read access to a subset of Java SE accessible data and ability to cause a partial denial of service (partial DOS) of Java SE.<\/li>\n<li><a href=\"http:\/\/www.cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2014-0375\" target=\"_blank\">CVE-2014-0375<\/a> : Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Difficult to exploit vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized update, insert or delete access to some Java SE accessible data as well as read access to a subset of Java SE accessible data.<\/li>\n<li><a href=\"http:\/\/www.cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2014-0376\" target=\"_blank\">CVE-2014-0376<\/a> : Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAXP). Easily exploitable vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized update, insert or delete access to some Java SE, Java SE Embedded accessible data.<\/li>\n<li><a href=\"http:\/\/www.cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2014-0382\" target=\"_blank\">CVE-2014-0382<\/a> : Vulnerability in the Java SE, JavaFX component of Oracle Java SE (subcomponent: JavaFX). Difficult to exploit vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, JavaFX.<\/li>\n<li><a href=\"http:\/\/www.cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2014-0385\" target=\"_blank\">CVE-2014-0385<\/a> : Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Install). Difficult to exploit vulnerability allows successful unauthenticated network attacks via HTTP. Successful attack of this vulnerability can result in unauthorized Operating System takeover including arbitrary code execution.<\/li>\n<li><a href=\"http:\/\/www.cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2014-0387\" target=\"_blank\">CVE-2014-0387<\/a> : Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Very difficult to exploit vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized Operating System takeover including arbitrary code execution.<\/li>\n<li><a href=\"http:\/\/www.cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2014-0403\" target=\"_blank\">CVE-2014-0403<\/a> : Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Difficult to exploit vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized update, insert or delete access to some Java SE accessible data as well as read access to a subset of Java SE accessible data.<\/li>\n<li><a href=\"http:\/\/www.cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2014-0408\" target=\"_blank\">CVE-2014-0408<\/a> : Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Hotspot). Difficult to exploit vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized Operating System takeover including arbitrary code execution.<\/li>\n<li><a href=\"http:\/\/www.cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2014-0410\" target=\"_blank\">CVE-2014-0410<\/a> : Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Easily exploitable vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized Operating System takeover including arbitrary code execution.<\/li>\n<li><a href=\"http:\/\/www.cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2014-0411\" target=\"_blank\">CVE-2014-0411<\/a> : Vulnerability in the Java SE, JRockit, Java SE Embedded component of Oracle Java SE (subcomponent: JSSE). Very difficult to exploit vulnerability allows successful unauthenticated network attacks via SSL\/TLS. Successful attack of this vulnerability can result in unauthorized update, insert or delete access to some Java SE, JRockit, Java SE Embedded accessible data as well as read access to a subset of Java SE, JRockit, Java SE Embedded accessible data.<\/li>\n<li><a href=\"http:\/\/www.cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2014-0415\" target=\"_blank\">CVE-2014-0415<\/a> : Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Easily exploitable vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized Operating System takeover including arbitrary code execution.<\/li>\n<li><a href=\"http:\/\/www.cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2014-0416\" target=\"_blank\">CVE-2014-0416<\/a> : Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAAS). Easily exploitable vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized update, insert or delete access to some Java SE, Java SE Embedded accessible data.<\/li>\n<li><a href=\"http:\/\/www.cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2014-0417\" target=\"_blank\">CVE-2014-0417<\/a> : Vulnerability in the Java SE, JavaFX, Java SE Embedded component of Oracle Java SE (subcomponent: 2D). Difficult to exploit vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized Operating System takeover including arbitrary code execution.<\/li>\n<li><a href=\"http:\/\/www.cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2014-0418\" target=\"_blank\">CVE-2014-0418<\/a> : Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Very difficult to exploit vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized update, insert or delete access to some Java SE accessible data as well as read access to a subset of Java SE accessible data and ability to cause a partial denial of service (partial DOS) of Java SE.<\/li>\n<li><a href=\"http:\/\/www.cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2014-0422\" target=\"_blank\">CVE-2014-0422<\/a> : Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JNDI). Easily exploitable vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized Operating System takeover including arbitrary code execution.<\/li>\n<li><a href=\"http:\/\/www.cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2014-0423\" target=\"_blank\">CVE-2014-0423<\/a> : Vulnerability in the Java SE, JRockit, Java SE Embedded component of Oracle Java SE (subcomponent: Beans). Easily exploitable vulnerability allows successful authenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized read access to a subset of Java SE, JRockit, Java SE Embedded accessible data and ability to cause a partial denial of service (partial DOS) of Java SE, JRockit, Java SE Embedded.<\/li>\n<li><a href=\"http:\/\/www.cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2014-0424\" target=\"_blank\">CVE-2014-0424<\/a> : Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Easily exploitable vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized update, insert or delete access to some Java SE accessible data as well as read access to a subset of Java SE accessible data and ability to cause a partial denial of service (partial DOS) of Java SE.<\/li>\n<li><a href=\"http:\/\/www.cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2014-0428\" target=\"_blank\">CVE-2014-0428<\/a> : Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: CORBA). Easily exploitable vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized Operating System takeover including arbitrary code execution.<\/li>\n<\/ul>\n<p>Users can go to Oracle\u2019s website to <a title=\"Java SE - Downloads\" href=\"http:\/\/www.oracle.com\/technetwork\/java\/javase\/downloads\/index.html\" target=\"_blank\">download Java SE 7u51<\/a> as advised. Windows and Mac OS X users can also use automatic updates to get the latest release.\u00a0Users running Java SE with a browser can download the latest release from <a href=\"http:\/\/java.com\/\" target=\"_blank\">Java.com<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Yesterday, Oracle issued a critical patch update for multiple security vulnerabilities in Java with the release of Java SE 7u51. Oracle&#8217;s Java update fixes 36 vulnerabilities, 34 of which are remotely exploitable without authentication. Oracle notes: These vulnerabilities may be remotely exploitable without authentication, i.e., may be exploited over a network without the need for [&hellip;]<\/p>\n","protected":false},"author":4,"featured_media":9921,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"spay_email":"","jetpack_publicize_message":"","jetpack_is_tweetstorm":false},"categories":[5],"tags":[261,75,459,861,183,143],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v17.4 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<meta name=\"description\" content=\"Yesterday, Oracle issued a critical patch update for multiple security vulnerabilities in Java with the release of Java SE 7u51. Oracle&#039;s Java update\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.intego.com\/mac-security-blog\/oracle-patches-java-security-vulnerabilities\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Oracle Patches Java Security Vulnerabilities - The Mac Security Blog\" \/>\n<meta property=\"og:description\" content=\"Yesterday, Oracle issued a critical patch update for multiple security vulnerabilities in Java with the release of Java SE 7u51. Oracle&#039;s Java update\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.intego.com\/mac-security-blog\/oracle-patches-java-security-vulnerabilities\/\" \/>\n<meta property=\"og:site_name\" content=\"The Mac Security Blog\" \/>\n<meta property=\"article:published_time\" content=\"2014-01-15T20:59:32+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2016-10-06T19:39:00+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2013\/01\/Java-Security-Update-Tile.png\" \/>\n\t<meta property=\"og:image:width\" content=\"400\" \/>\n\t<meta property=\"og:image:height\" content=\"260\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Derek Erwin\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"11 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#organization\",\"name\":\"Intego\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/\",\"sameAs\":[],\"logo\":{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#logo\",\"inLanguage\":\"en-US\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2022\/10\/intego-organization-logo-for-google-knowledge-graph-875x875-1.png\",\"contentUrl\":\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2022\/10\/intego-organization-logo-for-google-knowledge-graph-875x875-1.png\",\"width\":875,\"height\":875,\"caption\":\"Intego\"},\"image\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#logo\"}},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#website\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/\",\"name\":\"The Mac Security Blog\",\"description\":\"Keep Macs safe from the dangers of the Internet\",\"publisher\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.intego.com\/mac-security-blog\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/oracle-patches-java-security-vulnerabilities\/#primaryimage\",\"inLanguage\":\"en-US\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2013\/01\/Java-Security-Update-Tile.png\",\"contentUrl\":\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2013\/01\/Java-Security-Update-Tile.png\",\"width\":\"400\",\"height\":\"260\",\"caption\":\"Java security updates\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/oracle-patches-java-security-vulnerabilities\/#webpage\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/oracle-patches-java-security-vulnerabilities\/\",\"name\":\"Oracle Patches Java Security Vulnerabilities - The Mac Security Blog\",\"isPartOf\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/oracle-patches-java-security-vulnerabilities\/#primaryimage\"},\"datePublished\":\"2014-01-15T20:59:32+00:00\",\"dateModified\":\"2016-10-06T19:39:00+00:00\",\"description\":\"Yesterday, Oracle issued a critical patch update for multiple security vulnerabilities in Java with the release of Java SE 7u51. Oracle's Java update\",\"breadcrumb\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/oracle-patches-java-security-vulnerabilities\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.intego.com\/mac-security-blog\/oracle-patches-java-security-vulnerabilities\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/oracle-patches-java-security-vulnerabilities\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.intego.com\/mac-security-blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Oracle Patches Java Security Vulnerabilities\"}]},{\"@type\":\"Article\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/oracle-patches-java-security-vulnerabilities\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/oracle-patches-java-security-vulnerabilities\/#webpage\"},\"author\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#\/schema\/person\/d7586ee278e291223dbae05ec1d95812\"},\"headline\":\"Oracle Patches Java Security Vulnerabilities\",\"datePublished\":\"2014-01-15T20:59:32+00:00\",\"dateModified\":\"2016-10-06T19:39:00+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/oracle-patches-java-security-vulnerabilities\/#webpage\"},\"wordCount\":2219,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/oracle-patches-java-security-vulnerabilities\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2013\/01\/Java-Security-Update-Tile.png\",\"keywords\":[\"Bug Fixes\",\"Java\",\"Java SE\",\"Java SE 7u51\",\"Oracle\",\"Vulnerabilities\"],\"articleSection\":[\"Security News\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.intego.com\/mac-security-blog\/oracle-patches-java-security-vulnerabilities\/#respond\"]}]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#\/schema\/person\/d7586ee278e291223dbae05ec1d95812\",\"name\":\"Derek Erwin\",\"image\":{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#personlogo\",\"inLanguage\":\"en-US\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/f88b4bb259f7d5b1d10884ffa4b3c126?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/f88b4bb259f7d5b1d10884ffa4b3c126?s=96&d=mm&r=g\",\"caption\":\"Derek Erwin\"},\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/author\/derek-erwin\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"description":"Yesterday, Oracle issued a critical patch update for multiple security vulnerabilities in Java with the release of Java SE 7u51. Oracle's Java update","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.intego.com\/mac-security-blog\/oracle-patches-java-security-vulnerabilities\/","og_locale":"en_US","og_type":"article","og_title":"Oracle Patches Java Security Vulnerabilities - The Mac Security Blog","og_description":"Yesterday, Oracle issued a critical patch update for multiple security vulnerabilities in Java with the release of Java SE 7u51. Oracle's Java update","og_url":"https:\/\/www.intego.com\/mac-security-blog\/oracle-patches-java-security-vulnerabilities\/","og_site_name":"The Mac Security Blog","article_published_time":"2014-01-15T20:59:32+00:00","article_modified_time":"2016-10-06T19:39:00+00:00","og_image":[{"width":"400","height":"260","url":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2013\/01\/Java-Security-Update-Tile.png","type":"image\/png"}],"twitter_card":"summary_large_image","twitter_misc":{"Written by":"Derek Erwin","Est. reading time":"11 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Organization","@id":"https:\/\/www.intego.com\/mac-security-blog\/#organization","name":"Intego","url":"https:\/\/www.intego.com\/mac-security-blog\/","sameAs":[],"logo":{"@type":"ImageObject","@id":"https:\/\/www.intego.com\/mac-security-blog\/#logo","inLanguage":"en-US","url":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2022\/10\/intego-organization-logo-for-google-knowledge-graph-875x875-1.png","contentUrl":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2022\/10\/intego-organization-logo-for-google-knowledge-graph-875x875-1.png","width":875,"height":875,"caption":"Intego"},"image":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#logo"}},{"@type":"WebSite","@id":"https:\/\/www.intego.com\/mac-security-blog\/#website","url":"https:\/\/www.intego.com\/mac-security-blog\/","name":"The Mac Security Blog","description":"Keep Macs safe from the dangers of the Internet","publisher":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.intego.com\/mac-security-blog\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"ImageObject","@id":"https:\/\/www.intego.com\/mac-security-blog\/oracle-patches-java-security-vulnerabilities\/#primaryimage","inLanguage":"en-US","url":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2013\/01\/Java-Security-Update-Tile.png","contentUrl":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2013\/01\/Java-Security-Update-Tile.png","width":"400","height":"260","caption":"Java security updates"},{"@type":"WebPage","@id":"https:\/\/www.intego.com\/mac-security-blog\/oracle-patches-java-security-vulnerabilities\/#webpage","url":"https:\/\/www.intego.com\/mac-security-blog\/oracle-patches-java-security-vulnerabilities\/","name":"Oracle Patches Java Security Vulnerabilities - The Mac Security Blog","isPartOf":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/oracle-patches-java-security-vulnerabilities\/#primaryimage"},"datePublished":"2014-01-15T20:59:32+00:00","dateModified":"2016-10-06T19:39:00+00:00","description":"Yesterday, Oracle issued a critical patch update for multiple security vulnerabilities in Java with the release of Java SE 7u51. Oracle's Java update","breadcrumb":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/oracle-patches-java-security-vulnerabilities\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.intego.com\/mac-security-blog\/oracle-patches-java-security-vulnerabilities\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.intego.com\/mac-security-blog\/oracle-patches-java-security-vulnerabilities\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.intego.com\/mac-security-blog\/"},{"@type":"ListItem","position":2,"name":"Oracle Patches Java Security Vulnerabilities"}]},{"@type":"Article","@id":"https:\/\/www.intego.com\/mac-security-blog\/oracle-patches-java-security-vulnerabilities\/#article","isPartOf":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/oracle-patches-java-security-vulnerabilities\/#webpage"},"author":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#\/schema\/person\/d7586ee278e291223dbae05ec1d95812"},"headline":"Oracle Patches Java Security Vulnerabilities","datePublished":"2014-01-15T20:59:32+00:00","dateModified":"2016-10-06T19:39:00+00:00","mainEntityOfPage":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/oracle-patches-java-security-vulnerabilities\/#webpage"},"wordCount":2219,"commentCount":0,"publisher":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#organization"},"image":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/oracle-patches-java-security-vulnerabilities\/#primaryimage"},"thumbnailUrl":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2013\/01\/Java-Security-Update-Tile.png","keywords":["Bug Fixes","Java","Java SE","Java SE 7u51","Oracle","Vulnerabilities"],"articleSection":["Security News"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.intego.com\/mac-security-blog\/oracle-patches-java-security-vulnerabilities\/#respond"]}]},{"@type":"Person","@id":"https:\/\/www.intego.com\/mac-security-blog\/#\/schema\/person\/d7586ee278e291223dbae05ec1d95812","name":"Derek Erwin","image":{"@type":"ImageObject","@id":"https:\/\/www.intego.com\/mac-security-blog\/#personlogo","inLanguage":"en-US","url":"https:\/\/secure.gravatar.com\/avatar\/f88b4bb259f7d5b1d10884ffa4b3c126?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/f88b4bb259f7d5b1d10884ffa4b3c126?s=96&d=mm&r=g","caption":"Derek Erwin"},"url":"https:\/\/www.intego.com\/mac-security-blog\/author\/derek-erwin\/"}]}},"jetpack_featured_media_url":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2013\/01\/Java-Security-Update-Tile.png","jetpack_publicize_connections":[],"jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p4VAYd-5GU","amp_enabled":true,"_links":{"self":[{"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/posts\/21880"}],"collection":[{"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/comments?post=21880"}],"version-history":[{"count":19,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/posts\/21880\/revisions"}],"predecessor-version":[{"id":58120,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/posts\/21880\/revisions\/58120"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/media\/9921"}],"wp:attachment":[{"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/media?parent=21880"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/categories?post=21880"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/tags?post=21880"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}