Oracle has pushed an update to its popular Java SE platform by patching 17 vulnerabilities, all which could allow an attacker to remotely exploit a machine without authentication.
In the patch update, five apply to client and server versions of Java SE. Eleven of the patches apply to client versions of Java SE and one applies to only the server version of Java SE. Oracle rated each patch “critical.” The company recommends “that customers apply fixes as soon as possible.”
Used on more than 850 million personal computers worldwide, Java has joined the ranks, along with Microsoft’s Internet Explorer, Windows and Adobe’s Reader and Flash, to become one of the internet’s most targeted vectors by hackers.
Oracle is in its sixth year of issuing its patches for servers and databases quarterly as part of their Critical Patch Update (CPU) program. While the next CPU is scheduled for July 19, Java SE won’t see its next update until October 18, according to this timetable.