Oracle on Java - we *will* have Patch Tuesday on 19 Feb 2013 after all

Filed Under: Featured, Java, Oracle

Seems like our report that Oracle's Patch Tuesday had happened early was only partly true.

There was a Patch Friday on 01 February 2013, and it was accelerated by Oracle because it closed off exploits already known to be in the wild.

As far as we know, it succeeded in the job of blocking the attacks, and everyone was pleasantly surprised.

Turns out, however, that bringing the patches forward meant that some of them got left out.

So Oracle has now announced that there will be a Patch Tuesday after all, to top up Patch Friday to full strength.

Don't miss out on 19 February 2013!

By the way, Oracle describes the forthcoming update as cumulative, by which it means that it includes all the stuff from the previous update, too, in case you missed out at the start of the month.

That's a good idea (unless you're on a roaming data plan or some other expensive network connection, of course, and you already downloaded the previous update).

It ensures that you don't end up half-patched, giving you a second bite at the cherry, so to speak.

Nevertheless, if you didn't bother to get the previous update, I strongly recommend that you don't just idle until the 19th, knowing you'll catch up then.

Complaints about Oracle's sluggish patching regimen, especially for Java, which gets three main updates a year in place of the quarterly fixes for other Oracle products, have been pretty vocal in recent years.

Now that Oracle seems to be finding some velocity and the willingness to "patch early, patch often," take 'em up on the offer!

, , , , , ,

You might like

3 Responses to Oracle on Java - we *will* have Patch Tuesday on 19 Feb 2013 after all

  1. Thomas · 596 days ago

    I hope this patch will permit Firefox to re-enable Java in it's browser.

  2. Nigel · 596 days ago

    Were the missing elements also absent from the most recent Java update in OS X?

    • Paul Ducklin · 596 days ago

      Errrrrrrrr...I don't know. I assume they were not, since Oracle only announced the update to the update today.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Paul Ducklin is a passionate security proselytiser. (That's like an evangelist, but more so!) He lives and breathes computer security, and would be happy for you to do so, too. Paul won the inaugural AusCERT Director's Award for Individual Excellence in Computer Security in 2009. Follow him on Twitter: @duckblog