Java SE 7 Update 9 / 6 Update 37

Forum for anything else which doesn't fit in the above forums. Site feedback, random talk, whatever, are welcome.
Post Reply
cybpsych
Posts: 421
Joined: Wed Jan 12, 2005 2:33 am

Java SE 7 Update 9 / 6 Update 37

Post by cybpsych » Thu Aug 30, 2012 12:34 pm

Last edited by cybpsych on Tue Oct 16, 2012 7:07 pm, edited 2 times in total.

User avatar
5eraph
Site Admin
Posts: 4618
Joined: Tue Jul 05, 2005 9:38 pm
Location: Riverview, MI USA

Post by 5eraph » Thu Aug 30, 2012 1:24 pm

Thanks, cybpsych. This update addresses the vulnerability described in CVE-2012-4681. :)

User avatar
ricktendo64
Posts: 3213
Joined: Mon May 22, 2006 12:27 am
Location: Honduras

Post by ricktendo64 » Thu Aug 30, 2012 1:41 pm

Yea thanks

User avatar
dumpydooby
Posts: 530
Joined: Sun Jan 15, 2006 6:09 am

Post by dumpydooby » Fri Aug 31, 2012 1:35 pm

5eraph wrote:Thanks, cybpsych. This update addresses the vulnerability described in CVE-2012-4681. :)
When I saw this thread, my first thought was, "I hope they took care of that 0-day vulnerability."

Thanks for letting us know that they addressed it. I was feeling lazy and didn't want to look it up myself. :D

User avatar
5eraph
Site Admin
Posts: 4618
Joined: Tue Jul 05, 2005 9:38 pm
Location: Riverview, MI USA

Post by 5eraph » Fri Aug 31, 2012 4:17 pm

NIST revised their page today, upgrading the threat to 10 across the board. Oracle now has a page for it as well, urging users to update "as soon as possible."

cybpsych
Posts: 421
Joined: Wed Jan 12, 2005 2:33 am

Post by cybpsych » Fri Aug 31, 2012 5:40 pm

ahhh crap, Java 7u7 is already compromised!

http://arstechnica.com/security/2012/08 ... west-java/

User avatar
shiner
Posts: 655
Joined: Sun Nov 08, 2009 4:18 am
Location: SE Asia

Post by shiner » Fri Aug 31, 2012 10:57 pm

Hopefully Oracle will not sit on their hands and get a fix out quick. It seems that they sat on the previous fix for months and only released when there were active exploits.
"You can lead a horse to water, but you can't make it drink."

User avatar
shiner
Posts: 655
Joined: Sun Nov 08, 2009 4:18 am
Location: SE Asia

Post by shiner » Tue Sep 11, 2012 2:53 am

Seems Oracle has silently updated Java 7u7 from b10 to b11.

The only file I noticed changed ( more than just the version number and date of digital signature ) is:

jfxwebkit.dll

which now has this size:

11,888,104 bytes
"You can lead a horse to water, but you can't make it drink."

adric
Posts: 581
Joined: Mon May 21, 2007 5:51 am

Post by adric » Sat Sep 15, 2012 9:49 am

shiner wrote:Seems Oracle has silently updated Java 7u7 from b10 to b11.
Anyone know if B11 plugged any additional security holes?
I haven't found many comments on this so I'm assuming it is not
critical which version you have.

Al

User avatar
shiner
Posts: 655
Joined: Sun Nov 08, 2009 4:18 am
Location: SE Asia

Post by shiner » Tue Oct 16, 2012 5:38 pm

JRE 1.7.0_09 and 1.6.0_37 are out.

Just go to to the Oracle java page.
"You can lead a horse to water, but you can't make it drink."


User avatar
ricktendo64
Posts: 3213
Joined: Mon May 22, 2006 12:27 am
Location: Honduras

Post by ricktendo64 » Tue Oct 16, 2012 7:05 pm

Thanks, as always

Post Reply