https://mannuforall.blogspot.com/
mannuforall
Providing Free Tech Support, Mobile and Tech updates, Free Mobile Apps, Apps on Demand, Handler UI Mod, Mobile Tips-Tricks, Free GPRS Setting, Windows Apps & Tips And Lots More Only At Your Favorite Mobile/Tech Blog
Privacy Policy | Disclaimer

Search This Blog

powered by

Home » Tech Updates » Download Latest JRE- Java Gets Critical Security Update

Download Latest JRE- Java Gets Critical Security Update

In the 19th update of Java SE eight-month-old TLS renegotiation bug finally patched. The 19th update of Java SE version 6 patches 27 remotely exploitable security vulnerabilities affecting the platform. The industry-approved fix for a bug in the widely-used TLS protocol discovered last August was also implemented. This is the first Java update since Oracle completed its acquisition of Sun Microsystems back in January and it contains individual releases for Java SE and Java Business JDK (Java Development Kit) and JRE (Java Runtime Environment) version 6. 
Corresponding updates for JDK version 5 and SDK version 4 are available for paying customers only, as these products have reached their end of life. Notable changes are the addition of seven new root SSL certificates and replacement of some older ones with new and improved versions, as well as the implementation of a warning dialog for Java Web Start applications that mix signed with unsigned code. The Transport Layer Security (TLS) Renegotiation Indication Extension (RFC 5746) was issued by the Internet Engineering Task Force (IETF) as a response to the renegotiation bug, discovered last August, was also implemented.

The authentication gaps in the TLS session renegotiation procedure were discovered by a software engineer named Marsh Ray, and can be exploited in a man-in-the-middle (MitM) scenario to inject plain text in the session. A practical attack using this technique was demonstrated against Twitter in November by Anil Kurmus, a security researcher from the French Eurecom Institute.

The update addresses a total of 27 remotely exploitable security vulnerabilities, out of which 9 affect the Java Runtime Environment (JRE) and 3 the Java Web Start browser plug-in, the two most widely used Java components. And even though the JRE is not attacked as frequently as other popular software like Adobe Reader or Adobe Flash Player, it is still a target in various Web exploit kits.
"Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply CPU [Critical Patch Update] fixes as soon as possible," the accompanying advisory reads.  
Download Link Java Runtime Environment (JRE) Version 6 Update 19:


Java RunTime Environment JRE 6 Update19.exe (15.54 MB, direct download link for Windows)
Java RunTime Environment JRE 6 Update19.rpm (20.10 MB, direct download link for Linux)

Java RunTime Environment JRE 6 (All Platforms, if above link not work try this)




Plz Do not Hesitate to Comments on Article. You can share if you know more about it

In Categories: By Manoj at Tuesday, April 06, 2010

2 comments:

  1. mannuforallSaturday, July 02, 2011 9:55:00 AM

    You mean you browsing with your phone's browser?
    Which site having this problem?
    There's no java or JRE installation need for phones. Its already a
    java OS phone. May site required java script or flash support.

    ReplyDelete
  2. selvamSaturday, July 02, 2011 9:55:00 AM

    dear sir,i am selvam from tirupur.i have samsung corby pro bt5310 with BSNL 3G Connection.i am trader also(share market).when i browse some picture not displayed(asking install java).do you know from where java jre download.pls help me

    ReplyDelete

Thanks for Your valuable comments. You'll get a reply soon -mannuforall

Subscribe to: Post Comments (Atom)