On Tuesday, Oracle’s July Critical Patch Update (CPU) released more than 100 security patches addressing multiple products and services, including 20 critical updates for Java.
The Java patches aimed to fix vulnerabilities allowing hackers to remotely exploit iMac and Macbook users over a network without necessary username or password credentials.
The Java patches addressed the following:
- 17 vulnerabilities for Java SE
- 1 vulnerability for Java Secure Socket Extension client and server
- 2 vulnerabilities for Java client and server
Oracle’s advisory reported, “Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply CPU fixes as soon as possible.”
This is not the first time users are affected by flaws in Java. In 2012, more than 600,000 Mac users were hit by a massive Mac malware attack by visiting a malicious webpage using an out-of-date Java version.
In response to the critical patches, security blogger and researcher Graham Cluley commented, “The vast majority of modern websites these days don’t require Java, so chances are that you don’t need Java enabled in your browser.”
Cluley suggests home users disable Java if not needed for a much safer online experience. “If you find that you do need to use Java for a particular website or applications, make sure to update it on your Mac today.”
Read More Here…