Oracle Releases Security Patch to Eliminate Java Vulnerabilities on Windows

by Ivan Jenic
Ivan Jenic
Ivan Jenic
Troubleshooting Expert
Passionate about all elements related to Windows and combined with his innate curiosity, Ivan has delved deep into understanding this operating system, with a specialization in drivers and... read more
Affiliate Disclosure

To fix Windows PC system issues, you will need a dedicated tool

  • Download Fortect and install it on your PC
  • Start the tool's scanning process to look for corrupt files that are the source of your problem
  • Right-click on Start Repair so the tool could start the fixing algorythm
Download Now Fortect has been downloaded by 0 readers this month, rated 4.4 on TrustPilot

Oracle just issued a security patch for a Java vulnerability, which can be exploited when installing Java 6, 7 or 8 on the Windows platform. The latest Java security patch is labelled as Security Alert CVE-2016-0603. As Oracle says, the vulnerability could cause a ‘complete compromise of the system,’ if successfully exploited.

The vulnerability allows malicious software to be installed on users’ computers when they visit a malicious site, and download suspicious files on their computers. However, the vulnerability is present only during the installation process of Java 6, 7 and 8, which makes it relatively complex to exploit, but additional security measures can’t hurt.

“Because the exposure exists only during the installation process, users need not upgrade existing Java installations to address the vulnerability. However, Java users who have downloaded any old version of Java prior to 6u113, 7u97 or 8u73, should discard these old downloads and replace them with 6u113, 7u97 or 8u73 or later, “ says Oracle.

Security Alert CVE-2016-0603 is cumulative, which means that once you download it, you will also receive all previous Critical Patch Updates and Security Alerts released by Oracle

Use official Java downloads only!

Along with the announcement, Oracle also warned users to download all Java installers from its official site only, because downloading Java from an unofficial site could lead to downloading a malicious software.

“As a reminder, Oracle recommends that Java home users visit to ensure that they are running the most recent version of Java SE and that all older versions of Java SE have been completely removed. Oracle further advises against downloading Java from sites other than as these sites may be malicious.”

Attackers are looking for various ways to “break into” users’ PCs, mainly through third-party programs and services. We remind you that Adobe also released a security update for its Flash Player, some time ago, which tells us that companies are aware of the possible vulnerabilities, and they’re constantly working on new security patches to make users as safe as possible.