Oracle’s quarter security update bears 42 fixes for bugs in Java and an improved notice system to aid users with the trustworthiness of Java programs ahead of time.
Oracle stated the patch addressed 39 Java faults that could be remotely exploited by an attacker without a user’s login credentials. Update 7u21 also adds changes to the security notices users see whilst running Java applets and applications. For the last several years, vulnerabilities in Java have bestowed some of the most prolific threats facing enterprises.
According to a security message on Java’s site, the update will encourage developers and vendors to have their applications deemed legitimate by using digital certificates issued by a trusted certificate authority (CA).
“Low-risk scenarios present very minimal messages,” the post said. “They include a checkbox to prevent the display of similar messages for applications provided by the same vendor in the future. Higher-risk scenarios, such as running unsigned applications, require further interaction.”