Oracle fixes 17 bugs in Java security update

Java SE updates are expected once ever four months from now on

Oracle has issued an update to Java SE that fixes a number of critical bugs in the widely used Internet software.

Nine of the 17 bugs that the company patched on Tuesday could, in theory, be used by hackers to take control of an unpatched computer. "Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply [the] fixes as soon as possible," Oracle said in a statement on its Website.

[ Also on InfoWorld: Oracle this week upgraded JDeveloper IDE. | Keep up with the latest developer news with InfoWorld's Developer World newsletter. ]

Java runs on more than 850 million PCs worldwide, according to Oracle, and that popularity has made it an attractive target for hackers. In recent years Java has joined Windows, Internet Explorer, and Adobe Reader as one of the most frequently attacked programs, and security experts say Internet users run a serious risk of being hacked if they do not keep their Java up to date.

Java users can visit Oracle's Java.com website to ensure that they have the latest version -- Java 6 update 26 -- installed on their computers.

Oracle's next Java update is set for Oct. 18, and according to Oracle's timetable it will update Java SE every four months after that. That's less frequently than the company patches its database and other server software. Oracle releases patches for everything except Java SE once every three months.

Robert McMillan covers computer security and general technology breaking news for The IDG News Service. Follow Robert on Twitter at @bobmcmillan. Robert's email address is robert_mcmillan@idg.com.

Mobile Security Insider: iOS vs. Android vs. BlackBerry vs. Windows Phone
Recommended
Join the discussion
Be the first to comment on this article. Our Commenting Policies