Get yourself up to date with everything we've written in the last seven days - it's weekly roundup time.
Oracle brought forward its February Patch Tuesday to provide an accelerated fix for some in-the-wild exploits.
But that meant leaving other less vital stuff out, so the pre-empted Patch Tuesday will happen after all, on 19 Feb 2013. Be there!
"Yet another Java update! Get it while it's hot."
This update was planned for 19 Feb 2013.
But Oracle brought it forward, citing the "active exploitation 'in the wild' of one of the vulnerabilities affecting...desktop browsers".
Apple's thrown in the towel on the Java mess and has, for the second time in two weeks, blocked all versions of Java on OS X 10.6 (Snow Leopard) and later.
If you're installing a critical security update on your computer, caused by the software vendor's sloppy code quality, you probably wouldn't dream that your software vendor is trying to make some money out of the inconvenience.
Serial Java fault-finder Adam Gowdiak has embarrassed Oracle yet again.
The Polish researcher is publicly bragging about two brand-new vulnerabilities he's found even since Oracle's most recent patch just a week ago.
Irrepressible cybercrime investigator and reporter Brian Krebs has written about yet another Java zero-day exploit.
This one, it seems, targets an exploitable vulnerability even in Oracle's most recent release, Version 7 Update 11, aka 7u11.
After the recent discovery of a zero-day vulnerability in Oracle's Java Web Start plugin Apple and Mozilla are now disabling Java by default until fixes are made available.
Last week Oracle released Java 7 update 10 to the world without fixing a single vulnerability. That doesn't mean there aren't serious security improvements though. New settings could make Java users much safer from here forward.
A new round of spams proclaims you have been charged for a large purchase from Apple.
All links lead to webpages infected with the Blackhole exploit kit. Be cautious with your online shopping this holiday season.
Naked Security's Paul Ducklin talks to the Risky Business podcast about Oracle's patching schedule, lawsuits against Sony after the PlayStation Network breach and how a mathematician unpicked Google's DKIM verifier.
Java brings with it some significant risks, yet for many people, it's "just there on my computer."
In this episode, Duck and Chet tell you All about Java, and help you to make an informed decision in balancing its risks and rewards at work and at home.
Java flaws already included in Blackhole exploit kit, Oracle was informed of vulnerabilities in April
The latest Java flaw is already being exploited by criminals. Oracle was notified of the problem in April, but no fix is available. Learn how to disable Java or remove it from your computer to protect yourself.
A new zero-day vulnerability in Java discovered on a Chinese web server being used in a targeted attack is being quickly adopted by online criminals.
Back in April, Apple came under fire for delaying an update to Java until the Flashplayer malware got loose.
Let's hope that's a thing of the past, with Oracle publishing Java for OS X directly, and promising patches for OS X at the same time that they come out on Windows.
Chet and Duck take on the week's news once again in their inimitable and informative style.
You'll be glad to hear that there are several "good news" stories this week - data that didn't leak, malware that didn't infect, and cybercriminals who didn't get away with it!
Oracle's quarterly patch release fixes 87 vulnerabilities in various products including its Database, PeopleSoft, Siebel, Solaris and MySQL products.
It's Patch Tuesday and there are a bunch of critical advisories this month for Internet Explorer, RDP, Windows, Adobe Flash Player and Oracle Java.