Java 7 and Java 6 Security Updates

SUMMARY: Java 7 and Java 6 Security Updates
POSTED ON: 02/21/2013
REPORTER: Jocelyn E Kasamoto (jocelyn)
START TIME: Feb 21 01:25 PM
END TIME: TBD
DESCRIPTION: Oracle released security updates Java 7 u15 and Java 6 u41 to fix multiple vulnerabilities that could allow an attacker to execute arbitrary code on a vulnerable system. Please run Java updates to get the latest build for your version of Java.

Note: if Java is not required for your web apps, we recommend that you don't install Java or disable it, if it is already installed. If Java is required, dedicate one Java-enabled browser for that web app. Use a different browser (with Java disabled) for all other web browsing. This applies to Java, not javascript.


For Windows users:

To update Java 7:

- Go to the Control Panel ("Classic" view in Windows XP and
Vista, or "Icons" view in Windows 7; then go to "Programs" in Windows 8)
- Click on the Java icon
- Go to the "Update" tab from within the Java Control Panel
window, and click on "Update Now"

To update Java 6:

- Go to http://www.java.com/en/download/manual_v6.jsp
- Download the appropriate file for your Windows OS and follow instructions on the website

For mac users:

To update Java 7 (OS 10.7, 10.8):
- Go to http://www.java.com

To update Java 6 (OS 10.6.8):
- Go to Apple menu > Software update

or download from http://support.apple.com/kb/DL1573


For more information

Oracle Java Multiple Vulnerabilities (US-CERT Alert TA13-051A)
http://www.us-cert.gov/cas/techalerts/TA13-051A.html

Oracle Java SE Critical Patch Update Advisory - February 2013 (updated)
http://www.oracle.com/technetwork/topics/security/javacpufeb2013update-1905892.html

CERT Vulnerability Note VU#636312 - Oracle Java JRE 1.7 Expression.execute() and SunToolkit.getField () fail to restrict access to privileged code
http://www.kb.cert.org/vuls/id/636312#solution

See also "Java 7 Security Vulnerability (Updated 2/6/2013)" under Very Important News at
http://www.hawaii.edu/its

If you have questions or need assistance, please contact the ITS Help Desk at 956-8883 or email help@hawaii.edu.