Oracle has released an emergency security update for Java SE running in desktop web browsers.
Advisory addresses an unspecified vulnerability(CVE-2016-0636) which can be remotely exploited without authentication, may be exploited over a network without the need for a username and password. To be successfully exploited, an unsuspecting user running an affected release in a browser will need to visit a malicious web page that leverages this vulnerability. Successful exploits can impact the availability, integrity, and confidentiality of the user’s system.
Oracle Java SE 7 Update 97, and 8 Update 73 and 74 for Windows, Solaris, Linux, and Mac OS X are affected.
Patch Availability Table
|Product Group||Risk Matrix||Patch Availability and Installation Information|
|Oracle Java SE||Oracle Java SE Risk Matrix||