Oracle has released a new version of Java 7 Update 11. The direct download links to the offline installers are included at the end of this article.
Java Runtime Environment (JRE) allows users to run programs and applications programmed in Java language. Java became popular because of its portability. Programs developed in Java could be run on any platform including the mobile platforms. When Java was with Sun, it was developing leaps and bounds but then Oracle bought Java.
Since Oracle bought Java, it has been in crisis. We receive news about critical vulnerabilities in Java every now and then. The latest zero-day vulnerability was discovered a few days ago. The exploit was discovered in Java 7 update 10. The security firm Alienvault has already confirmed that the exploit is already being used by many websites to silently install malware and even ransomeware in drive-by download attacks.
The security exploit has already been added to Blackhole and Nuclear Pack exploit kits which are popular among hackers for exploiting.
Quickly responding, Oracle has released Java 7 Update 11 which fixes these exploits and vulnerabilities. You can read more about the security exploit in the issue CVE-2013-0422. Here is the summary of the security exploit and its fix released by Oracle:
This Security Alert addresses security issues CVE-2013-0422 (US-CERT Alert TA13-010A – Oracle Java 7 Security Manager Bypass Vulnerability) and another vulnerability affecting Java running in web browsers. These vulnerabilities are not applicable to Java running on servers, standalone Java desktop applications or embedded Java applications. They also do not affect Oracle server-based software.
The fixes in this Alert include a change to the default Java Security Level setting from “Medium” to “High”. With the “High” setting, the user is always prompted before any unsigned Java applet or Java Web Start application is run.
Although most of the browser vendors including Google Chrome, Firefox and Apple as a whole have disabled Java in their respective browsers but if you are using Java on your computer, it is highly recommended that you update to the latest version of Java 10 Update 11 to keep yourself safe from the latest vulnerability.
If you have already installed Java, you may want to go to Java control panel and see which version of Java you are running currently.
If you are not running Java 7 Update 11, you may download it from the links below. All the links are direct download links to complete offline installers.