Here is the another critical security update for all users as Java have once again raised the security warning on its products. Oracle warned that a dozen of new Java security vulnerabilities could be exploitable remotely to gain access to a target application without login.
Every application running on any of JRE/JDK versions 5, 6, 7, and 8 which is not patched is vulnerable to remote attacks that could allow attacker to compromise the application or to steal sensitive application data.
There were 14 vulnerabilities notified by the Java, and more than 6 millions systems are under threats. Java is one of the popular and basic application that has been installed in everyone's computers, so this means all of them are vulnerable.
Apart for these security updates, Oracle have also made another announcement of ending the security support for Java 7. So in future Oracle will not provide the public security updates for Java7.
“Coincident with the January 2015 CPU release users with the auto-update feature enabled will be migrated from Oracle JRE 7 to Oracle JRE 8. Also, please note the April 2015 CPU release will be the last Oracle JDK 7 publicly available update. For more information, and details on how to receive longer term support for Oracle JDK 7, please see the Oracle Java SE Support Roadmap.” -Oracle wrote on its website.
Users are recommended to update their Java Runtime Environment (JRE) and Java Development Kit (JDK) as soon as possible, as cyber criminals are on the peak to target vulnerable systems. Some bad news is that there are still millions of users who uses Java7 and this was the last update for Java7 from Oracle. So all users are recommended to update their Java version to Java 8 immediately, so they can still get the security updates for Java.