Oracle releases Java 0-day vulnerability security patch

Yesterday we highlighted the Java 7 0-day vulnerability (CVE-2012-4681) that necessitated immediate attention by disabling the Java plug-in. Oracle has now addressed this vulnerability by releasing a security patch that users should install on an immediate basis.

In the past, Oracle has only released updates once every 4 months. Hence it was expected that this specific update would only be available to users by October. By breaking this update cycle Oracle has acknowledged the seriousness of this vulnerability and the risks involved.

We advise everyone to immediately install this update as the number of related attacks have increased considerably. There are several websites that have already been compromised and can potentially launch malicious Java applets to infect visiting machines.

The Oracle security update can be downloaded by visiting this link. The update patches this particular 0-day vulnerability and also addresses 2 other minor vulnerabilities. Here is an image of the screen one will see and the option to select.

Java update

Rahul Thadani

Rahul Thadani

Follow @

Subscribe
Notify of
guest
39 Comments
Inline Feedbacks
View all comments
sachin
sachin
8 years ago

i hv recently upgraded Jave…do i have to download again?

i am in the middle of the work, so will it ask me to restart the computer once the setup is done?

Amit
Amit
8 years ago

I am Total Security user….i read the post…..my PC sus on Windows XP SP-2 2001 Build….i doubt it is 32bit…and Java has not provided above mentioned update for 32bit…..so may i know “how to check what bit my XP is?”
thnx

Amit

Resham
Resham
8 years ago

Doesn’t Quick heal protect me from that!!!!!!!!!!!!!!!!!!

Kaushik
Kaushik
8 years ago

How can i update java ? and which site i do this ?

Ritanjali maha
Ritanjali maha
8 years ago

good thing let me see

Alok
Alok
8 years ago

Hello,
I use OpenJDK, an open source implementation of Oracle Java for Linux platforms. Is my system vulnerable to the threat? If yes, how can my system be updated given that I don’t use the regular Oracle Java?

anveshak gautam
anveshak gautam
8 years ago

hi. i am used quick heal total security 2012. what is the java 0 day vulnerability.

karun
karun
8 years ago

hi rahul there are two options available with ‘windows x86’ONLINE AND OFFLINE, WHICH SHOULD I DOWNLOAD

TO BE CLEAR IN A LAYMAN DEFINITION CAN YOU EXPLAIN ME HOW DOES IT EFFECT THE PC

REGARDS
KARUN

Ashok M
Ashok M
8 years ago

Dear Rahul,
After clicking the required link for JRE Download, we go to another page where a whole list of downloads (Linux, MacOS, Windows 64bit etc) are shown. For Home Computers, as far as I know, the 32 bit version is needed BUT this version does NOT figure in the list. So what’s to be done??? Kindly advise?

Ashok M
Ashok M
8 years ago

I understand from your “Replies” that Windows x86 is to be downloaded BUT there’s a “Windows x86 Kernel” and there’s an ” Windows x86 Online”. So ARE BOTH TO BE DOWNLOADED??? Tks

Ashok M
Ashok M
8 years ago

Rahul,
Now that we have downloaded/installed the Security Patch for Version 7, DO WE NEED TO GO BACK AND “CHECK” THE BOX next to “MOZILLA FAMILY/Internet Explorer” (which you had asked us to Un-check in yesterday’s alert)??? i.e. Open “CONTROL PANEL”> Click “ADVANCED” > Expand “Default Java for Browsers” and re-check

Noebert Almeida
Noebert Almeida
8 years ago

Does one require to uninstall the previous updates of Java and the install the new update

Ankit Shah
Ankit Shah
8 years ago

After installing this patch do i have to manually enable java plug in?

Raj
Raj
8 years ago

Sir,
I have some issues about this matter…..i have some snapshots of issue which i want to show you so can you please reply me at my email address Cool_raj_ranchi@yahoo.in

Waiting

Asmit
Asmit
8 years ago

Hi. Rahul. I m using windows 7 OS . How can i know that my system is of 32-bit
or 64-bit . And i m a Quick heal user. Can i use this software? Plz reply.

Naresh
Naresh
8 years ago

I have Windows 7 Ultimate OS (32 bit) and Java 7.0.60.24 and update till 7u6. I followed the link and went to the Oracle site and was left confused as to which one to download for the security patch. Can you help me?

Naresh
Naresh
8 years ago
Reply to  Rahul Thadani

Thanks for this help. Doing it right now.

prashant
prashant
8 years ago

hi i prashant nice antivirus quick heal…….

MANOJ
MANOJ
8 years ago

i m quick heal user even though i need java update?

varun
varun
8 years ago

after updating we can enable java plugin?

Noebert Almeida
Noebert Almeida
8 years ago

After reading a article in PC World ie the following link https://www.pcworld.com/article/261788/researchers_find_critical_vulnerability_in_java_7_patch_hours_after_release.html
is it still safe to enable java plug-in again

swapnil gurjar
swapnil gurjar
8 years ago

Hi, Rahul,

I am working as an system admin in IT co. I want to buy quick heal total security for my co.. I would like to know whether this product supports oracle 10g or not

39
0
Would love your thoughts, please comment.x
()
x