A System Engineers outlook on the world

Java Again

Congrats Oracle. You’ve released another Java security update- this time around it’s 7u17 and 6u43, and an amazing 13 days since the last update on Feb 19th. Anyone taking bets on when the next 0-day will be found in the wild?

This makes it the 4th release for Java 7 and 3rd for Java 6 this year. I’m sure all the Admins out there that have to start planning on testing a new version of Java are grateful for your quick response. This patch is addressing CVE-2013-1493 which Oracle has known about since Feb 1 2013.

Oracle, with all the Java patch releases how about releasing a SCUP catalog?

Everyone else that’s publishing systems that rely on Java applets: How about upgrading your code? I can think of 4 ‘Enterprise’ applications (several are SaaS type offerings in HR and Accounting) that require Java 6u17 or so- and refuse to run on anything else.