Java Update/Security Reminder

Soldato
Joined
13 Jan 2004
Posts
21,244
So,

I run a tight ship at home and keep everything updated, Java, Flash, the lot. Tonight I got an MSE warning for four Java exploits on my system. What the hell?

I'm running the latest Version 7 Update 5 and this exploit was patched in June! Turns out Java did not 'update' itself and I had 32 and 64Bit versions of Java installed, as expected but not Just Version 7 Update 5, but an ancient version 6 also. 4 JREs installed.....

Can only see it when you go into the Programs and Features and list Java or go into the Java Control Panel and list the JREs there. Even doing a java.com "Do I have Java?" check says "You have the latest version of Java" and makes no mention of any other version on your system.

Was totally unaware Java will NOT update an existing instance but merely add another JRE and leave the old version sitting about, seemingly available to be executed even though the latest JRE is installed and enabled.

Luckily for me it was only some Java class files that were in Java deployment areas and had not been executed or been able to download Trojan BS onto my system. Worth double checking though!
 
Last edited:
Good point. OP's Java was probably out of date at the time of posting. I patched my Java before the creation of this topic.

No it was not.

I manually checked the currently live downloadable version and did the actual "Do I have Java?" check.

The only available versions was 7 Update 5 and the Check returned "You have the latest version"

Edit - Checked sites. Only oracle.com has it, the actual Java site is still on Update 5.
 
Last edited:
Cheers for heads up.

Update installed, still keep it disable at browser level now though. Not worth it.

Edit - Just checked Auto Update default check frequency...Monthly....LOL! Changed that to daily.....
 
Back
Top Bottom