Critical Windows and Java patches

January 18, 2013

On January 14, 2013, Microsoft released an out-of-band patch for a critical vulnerability in versions 6, 7, and 8 of Internet Explorer. Oracle has also released a patch for a critical vulnerability in Java.

* All Windows PCs must be patched. *

To patch your PC:

Click on the update icon on the taskbar. It is a globe or yellow shield with an exclamation point, depending on which version of Windows you're running.

If you do not have such an icon, run Windows Update by going to the site:

http://windowsupdate.microsoft.com

After patching, you may need to reboot your PC in order for the patches to take effect.

Java update

NOTE: If you are using a web application or other software that requires a specific version of Java, such as CMU's Oracle Financials system, you should NOT update the version of Java you are using.

If you do NOT need to use a specific version of Java, then you can visit:

https://www.cmu.edu/iso/patch-check/

for information on updating your browser software.

If you are using Java on Ubuntu, see:

http://www.cs.cmu.edu/~help/unix_linux/ubuntu_java.html

for information on installing/upgrading Java.

On Facilitized Fedora hosts (F7 and higher), the default version of Java in /usr/local will be upgraded to the most recent patched version of Java 7 early next week.

If you do not need to use Java in a browser, it is recommended that you disable it. Instructions for doing so are at:

https://www.java.com/en/download/help/disable_browser.xml

Please contact help@cs.cmu.edu or call the SCS Help Desk (x8-4231) if you have questions or problems with applying these patches.

Thank you for your attention,

SCS Help Desk