Users with Java should upgrade immediately due to a critical vulnerability that allows attackers to fully take control over their computer. Oracle has issued an emergency patch for Java outside of its regular patch cycle.
The vulnerability exists in Oracle Java SE 7 Update 97 and Java 8 Update 73 and 74 for Windows, Solaris, Linux and Mac OS X and older versions. Attackers can exploit the vulnerability by directing users to a malicious or hacked site. When the exploit is successful attackers can take full control over the computer.
Oracle advises users to install the update as soon as possible due to the seriousness of the vulnerability The company also advices users to remove older Java versions from their computer and to only download Java from Java.com. Other websites might distribute Java infected with malware.
Currently there have been no reports of attacks that make use of the vulnerability.
