![\"Java](\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2015\/03\/Java-Mac-Security.png\")
<\/p>\n<\/p>\n
Oracle has released an update for Java SE that addresses 14 security bugs, all of which may be exploitable over a network without the need for a username and password.<\/p>\n
With this update, after April 2015, Oracle will no longer post updates of Java SE 7<\/a> to its public download sites. Since January 2015,\u00a0Oracle has been migrating Java 7 users who have the auto-update feature enabled<\/a> over to Java 8, but if you haven’t converted yet, now is a good time to switch to the latest (more secure)\u00a0update to Java 8 Update 45<\/a>.<\/p>\n Supported Java versions that are affected by one or\u00a0more vulnerabilities patched in this update include: Java SE 5.0u81, Java SE 6u91, Java SE 7u76, Java SE 8u40, Java FX 2.2.76 and JRockit R28.3.5.<\/p>\n Java is widely installed across all operating systems, but\u00a0due to the way Java applets can be embedded in web pages, the bug-riddled software is an easily exploitable attack vector. Although Java is on the decline<\/a>, it still remains one of the most attractive targets for cyber-criminals.<\/p>\n If you have Java installed and need to use Java for websites or applications, it’s a good idea to take a few minutes to update this software. If you don’t have a need for it, you should consider removing Java altogether.<\/p>\n For those who wish to continue using Java, Brian Krebs via Krebs on Security<\/a> provided some valuable methods you can use to help reduce your risk as a Java user. He said:<\/p>\n If you have an affirmative use or need for Java, there is a way to have this program installed while minimizing the chance that crooks will exploit unknown or unpatched flaws in the program: unplug it from the browser unless and until you\u2019re at a site that requires it (or at least take advantage of click-to-play<\/a>, which can block Web sites from displaying both Java and Flash content by default). The latest versions of Java let users disable Java content in web browsers<\/a> through the Java Control Panel<\/a>. Alternatively, consider a dual-browser approach, unplugging Java from the browser you use for everyday surfing, and leaving it plugged in to a second browser that you only use for sites that require Java.<\/p><\/blockquote>\n For those of you interested, here’s a list of the vulnerabilities that Oracle patched<\/a> in the latest Java update:<\/p>\n For those who use Java, we recommend updating immediately. Java users can head over to Oracle’s website to download Java SE 8u45<\/a> as advised. Users running Java SE with a browser can download the latest release from Java.com<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":" Oracle released Java SE 8u45, closing 14 security bugs exploitable over a network without the need for a username and password. Update to Java 8 Update 45 now.<\/p>\n","protected":false},"author":4,"featured_media":9921,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"spay_email":"","jetpack_publicize_message":"","jetpack_is_tweetstorm":false},"categories":[5],"tags":[75,2149,2146,183],"yoast_head":"\n\n\n\n\n\n\n\n\n\n\n\n\n\t\n\t\n\n\n\t\n\t\n\t\nDo you really need Java?<\/h3>\n
Java vulnerabilities<\/h3>\n
\n