Oracle Java 7 and Java 6 security updates

SUMMARY: Oracle Java 7 and Java 6 security updates
POSTED ON: 03/06/2013
REPORTER: Jocelyn E Kasamoto (jocelyn)
START TIME: Mar 06 10:02 AM
END TIME: Mar 20 10:02 AM
DESCRIPTION: Oracle released security updates Java 7 u17 and Java 6 u43 to fix multiple vulnerabilities that could allow an attacker to execute arbitrary code on a vulnerable system. Please run Java updates to get the latest build for your version of Java.

Vulnerability CVE-2013-1493 is being actively exploited "in the wild" and exploit code is publicly available. Please apply the update as soon as possible.

Note: if Java is not required for your web apps, we recommend that you don't install Java or disable it, if it is already installed. If Java is required, dedicate one Java-enabled browser for that web app. Use a different browser (with Java disabled) for all other web browsing. This applies to Java, not javascript.

For Windows users:

To update Java 7:

- Go to the Control Panel ("Classic" view in Windows XP and
Vista, or "Icons" view in Windows 7; then go to "Programs" in Windows 8)
- Click on the Java icon
- Go to the "Update" tab from within the Java Control Panel
window, and click on "Update Now"

To update Java 6:

- Go to
- Download the appropriate file for your Windows OS and follow instructions on the website

For mac users:

To update Java 7 (OS 10.7, 10.8):
- Go to

To update Java 6 (OS 10.6.8):
- Go to Apple menu > Software update

or download from

For more information

Oracle Java Contains Multiple Vulnerabilities (US-CERT Alert TA13-064A)

Oracle Security Alert for CVE-2013-1493

CERT Vulnerability Note VU#688246 - Java contains multiple vulnerabilities

If you have questions or need assistance, please contact the ITS Help Desk at 956-8883 or email