Oracle announced the release of Java SE 7 Update 45 which hit the streets on Tuesday and 51 fixes in it. Fifty of the fixes are an attempt to remove vulnerabilities in Java that can be used for remote exploitation. That means that someone can use them to remotely attack your system. These attacks do not require authentication so the bad guy on the other end can get right in through Java without too much fuss. Of these 50 twelve of them allow for complete control of a system (which is bad). On the client side (web plug-in) the update has forty fixes just for that plug-in (out of the 51).

The vulnerabilities that are being patched can be accessed through either a Java applet or through the Java Web Start application. According to information we have some of these exploits have been known for a long time and account for a large number of malware attack on personal and corporate systems. Some of these might be in use by the Malware Toolkit systems that are in use around the globe. We know that these systems are common leased by people looking to attack large numbers of systems and come with a wide array of exploits pre-programed into them for someone to use in their work.

Oracle does say that they plan to push out updates on a more frequent basis which might be good news for people that need to use Java on their systems. However in some cases applications are not always able to work with the most recent versions of Java which leaves systems at risk until the software developer choses to update their systems. If you are not restricted by an application and you want to use Java, we recommend that you update your version of Java as soon as possible.

Tell us what you think about this in our Forum