Oracle has released a critical Java update to patch up the holes that had surfaced in the software. Fixes for around 50 security holes have been incorporated in the update. The Critical Patch Update released on the first of February takes care of the 50 vulnerabilities observed in the security of the software.
According to an Oracle blog that was posted last Friday, 44 of these flaws affect Java usage as Plugin for web browsers. If these holes are not adequately patched they could provide access to outside attackers to execute code remotely on the Mac or PC by pointing users to malicious sites.
Eric Maurice, director, Software Security Assurance at Oracle stated in the blog that Java Runtime Environment is very widely used in desktop browsers and the use of Java in web browsers is independent of operating systems. This makes the site a veritable target for hackers intending to do harm.
Security experts had pointed out the vulnerabilities that Java Plugin has and some have even recommended stopping the usage of the software until its security has been restored or heightened. Oracle, to make amends, had rolled out a hurried patch back in January 13, which proved to be insufficient.
The update that was rolled out last Friday was initially scheduled for February 19. However, Oracle said that one of the holes in Java Runtime Environment was being exploited to a large extent already. The new update mainly contains a fix for that particular flaw and other fixes offered in the update released in January.
Users already having java will be notified of the update. The latest version of the product can also be installed manually or updated via the Java product page of Oracle. Users can also verify whether the latest update has been installed on Java verification page of Oracle.