Critical Windows and Java patches
January 18, 2013
On January 14, 2013, Microsoft released an out-of-band patch for a critical vulnerability in versions 6, 7, and 8 of Internet Explorer. Oracle has also released a patch for a critical vulnerability in Java.
* All Windows PCs must be patched. *
To patch your PC:
Click on the update icon on the taskbar. It is a globe or yellow shield with an exclamation point, depending on which version of Windows you're running.
If you do not have such an icon, run Windows Update by going to the site:
After patching, you may need to reboot your PC in order for the patches to take effect.
NOTE: If you are using a web application or other software that requires a specific version of Java, such as CMU's Oracle Financials system, you should NOT update the version of Java you are using.
If you do NOT need to use a specific version of Java, then you can visit:
for information on updating your browser software.
If you are using Java on Ubuntu, see:
for information on installing/upgrading Java.
On Facilitized Fedora hosts (F7 and higher), the default version of Java in /usr/local will be upgraded to the most recent patched version of Java 7 early next week.
If you do not need to use Java in a browser, it is recommended that you disable it. Instructions for doing so are at:
Please contact email@example.com or call the SCS Help Desk (x8-4231) if you have questions or problems with applying these patches.
Thank you for your attention,
SCS Help Desk