Oracle has released new updates that patch 40 security holes in their Java Runtime Environment software. Anyone who needs or actively uses the Java Runtime Environment for work or gaming should promptly update their Java installation as soon as possible.
One thing to keep in mind is that there are limitations placed on updates for older versions of Java as shown in the following excerpt. If you are using an older version, then it is recommended that you update to the Java SE 7 release if possible (depending on your usage circumstances).
From the The H Security blog post: Only the current version of Java, Java SE 7, will be updated for free; downloads of the new version, Java SE 7 Update 25, are available and existing installs should auto-update. Mac OS X users will get an updated Java SE 6 for their systems as an automatic update; Java SE 7 on Mac OS X is updated by Oracle. Users of other older versions of Java will only get updates if they have a maintenance contract with Oracle.
Affected Product Releases and Versions:
- JDK and JRE 7 Update 21 and earlier
- JDK and JRE 6 Update 45 and earlier
- JDK and JRE 5.0 Update 45 and earlier
- JavaFX 2.2.21 and earlier
Note: If you do not need Java on your system, we recommend uninstalling it entirely or disabling the browser plugin.
You can download and read through the details about the latest Java updates by visiting the links shown below.
Oracle releases fixes for 40 Java holes [The H Security Blog]
[via The H Security]