14 DAY TRIAL // Oracle has published a pre-release announcement for the June 2013 Critical Patch Update (CPU) that’s scheduled to become available on June 18.
The company advises users to apply the patches as soon as possible, since the CPU contains fixes for a total of 40 new security holes.
Of the 40 vulnerabilities, 37 can be exploited remotely without authentication. However, it’s uncertain if any of them are currently being exploited in the wild.
The June 2013 CPU addresses issues in JDK and JRE 7 Update 21 and earlier, JDK and JRE 6 Update 45 and earlier, JDK and JRE 5.0 Update 45 and earlier, and JavaFX 2.2.21 and earlier.
A few weeks ago, Oracle promised that it would take some measures to make Java safe again, but as experts highlight, there are a lot of users who have neglected to update their installations, despite the fact that patches have been available for quite some time.