You should update your system as soon as possible.
Oracle’s quarterly Critical Patch Update is for all Oracle products and includes 36 security fixes for Oracle Java SE. These address a wide range of vulnerabilities including some known to be targeted by cyber criminals.
You should carefully evaluate your need for Java and if you do not require it, you should uninstall or disable it.
Java is (confusingly) both a programming language and a software platform owned by Oracle. Some applications and websites require Java to be installed on your computer to function correctly, but many people can manage without it and should ensure it is disabled.
For the average user, the most commonly used component of the Java SE package is the Java Runtime Environment (JRE).
Even more confusingly, Java can be referred to by a multitude of different names. Oracle’s website points out that, “Java software for your computer, or the Java Runtime Environment, is also referred to as the Java Runtime, Runtime Environment, Runtime, JRE, Java Virtual Machine, Virtual Machine, Java VM, JVM, VM, Java plug-in, Java plugin, Java add-on or Java download.”
Oracle provides a more detailed explanation of Java here.
Disabling Java by disabling its browser plugin is the easiest approach to managing Java on your computer. This will stop Java from running while using your browser which is how Java has been the most vulnerable. You can still re-enable the plugin in the future if required.
The information provided here is of a general nature. Everyone's circumstances are different. If you require specific advice you should contact your local technical support provider.
Thank you to those subscribers who have provided feedback to our Alerts and Newsletters. We are very interested in your feedback and where possible take on board your suggestions or requests.
This information has been prepared by Enex TestLab for the Department of Communications ('the Department'). It was accurate and up to date at the time of publishing.
This information is general information only and is intended for use by private individuals and small to medium sized businesses. If you are concerned about a specific cyber security issue you should seek professional advice.
The Commonwealth, Enex TestLab, and all other persons associated with this advisory accept no liability for any damage, loss or expense incurred as a result of the provision of this information, whether by way of negligence or otherwise.
Nothing in this information (including the listing of a person or organisation or links to other web sites) should be taken as an endorsement of a particular product or service.
Please note that third party views or recommendations included in this information do not reflect the views of the Commonwealth, or indicate its commitment to a particular course of action. The Commonwealth also cannot verify the accuracy of any third party material included in this information.